RE: syslog management

From: Loki (loki@fatelabs.com)
Date: 06/20/02


From: "Loki" <loki@fatelabs.com>
To: "'Rich Hart'" <rich.hart@qwest.com>, "'Wang, Jack'" <Wang@Security-Card.com>
Date: Wed, 19 Jun 2002 20:02:43 -0400

Jack:

Also, I authored a paper recently dubbed Flying Pigs, Creating a Secure
Remote Syslog-NG server with SNORT. This might prove to be a good guide
to you for setting up Syslog-NG for remote, centralized logging of
multiple Syslog servers.
http://www.fatelabs.com

Eric

==================================================
Eric S. Hines
Chief Technical Officer
E*com Solutions, Inc.
ehines@ecomsolutionsinc.com
--------------------------------------------------
[w] http://www.ecomsolutionsinc.com
[e] ehines@ecomsolutionsinc.com
[p] (412) 303-3115
--------------------------------------------------
Corporate Headquarters
400 Travis Street
Suite 408
Shreveport, LA 71101
==================================================

-----Original Message-----
From: Rich Hart [mailto:rich.hart@qwest.com]
Sent: Wednesday, June 19, 2002 1:26 PM
To: Wang, Jack
Cc: focus-ids@lists.securityfocus.com
Subject: Re: syslog management

Check out syslog-ng

http://www.balabit.hu/static/syslog-ng/reference/book1.html

On Wed, 2002-06-19 at 09:05, Wang, Jack wrote:
> Hi all:
>
> Is there a good software to manage the huge amount of syslog generated
> by Network equipment, IDS etc?
>
> I have tested Kiwi syslog, winsyslog, syslogd.exe etc. In my opinion,
> the ideal one should be as follows:
>
> --able to classify the log according to source
> --able to save into file (.txt, or db)
> --able to set up the rows of display
> --able to send email message
>
> Or any further comments will be appreciated.
>
> Best Regards,
> Jack
>
