[NTLUG:Discuss] Recommendation for "Log File Analysis" and firewall updater Software/system/program

MadHat madhat at unspecific.com
Mon Dec 13 08:34:58 CST 2004


On Dec 11, 2004, at 12:55 AM, David Simmons, PE wrote:
> Subject line says it all...I keep noticing multiple ssh login failures
> (which are not me) and while I feel good about my passwords - I know
> it's just a matter of time!? Want something that auto-magically analyzes
> the logs to secure the system.

Are you wanting something that already has everything built in, as far 
as what it should look for?  Or are you looking for a tool that has the 
ability to look at logs and be told what you want to alert on?

For the latter I highly recommend SEC.  Very configurable and works much 
better than swatch or a few other packages.
http://kodu.neti.ee/~risto/sec/

Last company I worked at ended up using this for monitoring large 
datacenter central syslog servers.


