log analyze applications
========================
Hello to everyone on the debian-security list.
I've got some questions related to log analyzing applications.
Actually, on my Debian server boxes I've installed and configured
software like...
* logcheck (System Log Analyzer)
* snort (Intrusion Detection System)
* ippl (IP protocols logger)
All these apps check my system for security alerts, malfunctions,
network activity and so on... everything works quite well, the
only problem is: they generate *REALLY* a lot of mail traffic with
lots of output, not all of which I can read.
So my question is: does anyone have a good solution for checking
syslogs, netlogs, etc. in order to have a simple and strict
overview of system activities?
Are there any tools which are smarter, faster and cleaner
than my combination of log analysis apps?
Thanks for any suggestions!
- Ivo Marino
--
»« »« »« »« »« »« »« »« »« »« »« »« »« »« »«
Ivo Marino eim@eimbox.org
UN*X Developer, running Debian GNU/Linux
irc.OpenProjects.net #debian
http://eimbox.org/~eim http://eimbox.org
»« »« »« »« »« »« »« »« »« »« »« »« »« »« »«