Re: Better Syslog server

From: Michael Katz (mike@procinct.com)
Date: 03/17/03

  • Next message: dreamwvr@dreamwvr.com: "Re: Better Syslog server"
    Date: Mon, 17 Mar 2003 11:20:43 -0800
    To: focus-sun@securityfocus.com
    From: Michael Katz <mike@procinct.com>
    
    

    At 3/17/2003 06:18 AM, Matt Harris wrote:

    >I've been looking a bit on google/sourceforge/etc to try and find a more
    >configurable and extensible syslog server, to no avail. Does anyone
    >know of such a thing? If nothing is out there already, I'll probably
    >embark on a project to do it myself. I'm thinking of a config format
    >somewhat like this:

    Matt,

    I recommend starting here:

    http://www.counterpane.com/log-analysis.html

    It includes sections on Programming with syslog, syslog Replacements, and
    log parsing tools.

    There is also a mailing list devoted to log analysis with archives that you
    may find useful:

    http://lists.shmoo.com/mailman/listinfo/loganalysis

    Michael Katz
    mike@procinct.com
    Procinct Security


  • Next message: dreamwvr@dreamwvr.com: "Re: Better Syslog server"

    Relevant Pages

    • Re: Better Syslog server
      ... On Mon, 17 Mar 2003, Matt Harris wrote: ... > configurable and extensible syslog server, ... I'm thinking of a config format ...
      (Focus-SUN)
    • RE: Syslog
      ... > Are there standard applications that are assigned the local numbers? ... Cisco routers for example can choose any syslog facility you like. ... config files, or via http, or tftp files, or stored in nvram. ...
      (Focus-SUN)
    • Re: no sshd log exists
      ... the config explains preety clear. ... Use syslog and the resource auth of syslog. ... Mail has the best spam protection around http://mail.yahoo.com ...
      (SSH)
    • Re: Can a Cisco router act as a syslog *server*?
      ... Is it possible to config a Cisco 800 series router a as a syslog ... I know it can log to a syslog server, but can I use it the other way ... Can the cisco 857 be configured to accept syslog messages from other ...
      (comp.dcom.sys.cisco)