[Dshield] Syslog Server Software

J Lake jlake at knoxcounty.midcoast.com
Wed Mar 15 14:48:46 GMT 2006


On Wednesday 15 March 2006 07:53 am, Timothy A. Holmes wrote:
> I am looking for some software that will allow me to create a
> centralized syslog server on one of my linux stations.  Preferably with
> some sort of EASILLY useable web interface.  Im monitoring about 12 - 15
> hosts, and im one person doing all the IT work for the company.  Sorting
> and filtering capabilities are a must and remote alerting (email) would
> be really sweet if its possible.

FWIW, I use swatch for the e-mailing alerts, etc. 
There is a syslog web interface program here:
http://www.phplogcon.com/

But I haven't used it. I usually have a perl script pull out anything useful
first, and sort it, etc. Others will probably tell me not to do this, because 
I might miss unexpected entries, but I have like 500,000 lines/day to deal 
with and it is the only way that works for me.

There is a filter-syslog perl script out there too if you want to take a look, 
it is at: http://www.eyrie.org/~eagle/software/filter-syslog

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : http://www.dshield.org/pipermail/list/attachments/20060315/22681be5/attachment.bin


More information about the list mailing list