
log analyze applications




Hello to everyone on the debian-security list.

I've got some questions related to log analyzing applications.
Actually, on my Debian server boxes I've installed and configured
software like...

	* logcheck	(System Log Analyzer)
	* snort		(Intrusion Detection System)
	* ippl		(IP protocols logger)


All these apps check my system for security alerts, malfunctions,
network activity and so on... everything works quite well, the
only problem is: they generate a *REALLY* large amount of mail
traffic with lots of output, which I can't read in full.

So my question is: does anyone have a good solution for checking
syslogs, netlogs, etc. in order to have a simple and strict
overview of system activities?

Are there any tools which are smarter, faster and cleaner
than my combination of log analyze apps?

Thanks for any suggestions!
 
 - Ivo Marino

-- 

 »« »« »« »« »« »« »« »« »« »« »« »« »« »« »«
 Ivo Marino                    eim@eimbox.org
 UN*X Developer, running Debian GNU/Linux
 irc.OpenProjects.net #debian
 http://eimbox.org/~eim     http://eimbox.org
 »« »« »« »« »« »« »« »« »« »« »« »« »« »« »«


