[Dshield] Syslog realtime report builder

Jon R. Kibler Jon.Kibler at aset.com
Wed Mar 15 01:10:37 GMT 2006


Andrew wrote:

> Do any of you know of a quality syslog monitor that can
> format/display/filter events in real time (or reasonably similar to real
> time?).

There are a TON of them. My favorite:
	SWATCH:		http://swatch.sourceforge.net

Also, you may want to consider:
	Logmon	
	LogIDS

There are a bunch of other ones out there too... including a Java-based web browser app (don't remember what that one is called).

Finally, "Do It Yourself" is trivial. You can capture realtime log info from syslog by piping the output to a script -- just make sure the script is running before you start syslogd or it may hang init. For example:
local5.info	| /usr/local/bin/mylogmon.sh

Hope this helps!
Jon Kibler
-- 
Jon R. Kibler
Chief Technical Officer
A.S.E.T., Inc.
Charleston, SC  USA
(843) 849-8214
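
An added example (not part of Jon's message) of what a script like the /usr/local/bin/mylogmon.sh named above could look like: it reads syslog lines on stdin, drops noise, flags alert patterns, and strips control characters, since log fields can carry attacker-supplied bytes that would otherwise reach the operator's terminal. The patterns and function names are constructed for illustration, and the script only starts its read loop when it is installed under the name mylogmon.sh.

```shell
#!/bin/sh
# mylogmon.sh: added example, filters and formats syslog lines arriving on stdin.
# Both pattern lists are constructed samples; tune them to your own logs.

ALERT_RE='authentication failure|Failed password|segfault|Out of memory'
IGNORE_RE='CRON\[[0-9]+\]|session (opened|closed) for user'

# classify LINE -> prints IGNORE, ALERT or INFO
classify() {
    if printf '%s\n' "$1" | grep -Eq "$IGNORE_RE"; then
        echo IGNORE
    elif printf '%s\n' "$1" | grep -Eq "$ALERT_RE"; then
        echo ALERT
    else
        echo INFO
    fi
}

# sanitize LINE -> removes control characters (ESC included), keeps tabs,
# so an escape sequence embedded in a log field cannot drive the terminal
sanitize() {
    printf '%s' "$1" | tr -d '\000-\010\013-\037\177'
}

# format_line LINE -> prints "[LEVEL] line"; prints nothing for ignored lines
format_line() {
    clean=$(sanitize "$1")
    level=$(classify "$clean")
    [ "$level" = IGNORE ] && return 0
    printf '[%-5s] %s\n' "$level" "$clean"
}

main() {
    # read -r keeps backslashes literal; log text is only ever treated as data.
    # The loop ends when the writer closes the pipe.
    while IFS= read -r line; do
        format_line "$line"
    done
}

# Start reading only when installed as mylogmon.sh (assumed install name),
# so the functions can be sourced and checked without blocking on stdin.
case "${0##*/}" in
    mylogmon.sh) main ;;
esac
```
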



