RE: syslog GUI for Linux

From: Jim Conner (jconner_at_lrn.com)
Date: 04/20/04

  • Next message: Murad Talukdar: "Re: Monitor XP (ICS ) client connections?"
    To: 'aruna' <arunah@slt.lk>, Omar Khawaja <omarkhawaja@yahoo.com>, security-basics@securityfocus.com
    Date: Tue, 20 Apr 2004 08:27:27 -0700
    
    

    Well, I am going to be writing one soon. I am building a central syslog
    system for my company and am developing the entire deal...

    Here is what I have done so far:

    * The central server is an HP DL-360 G3 2.4Gigahertz 2.5Gigabyte machine
    with a mirrored 72Gig hdd.
    * The syslog daemon I am using is passlogd listening to eth1 which is
    IP-less in PROMISC mode.
    * I wrote a perl program (almost complete) that monitors the syslog file and
    loads events into a MySQL database separating firewall entries to a separate
    set of tables (currently supports PIX and iptables) from the system messages
    tables. The tables are nothing big. Primarily, I set the tablespace up so
    that duplicate entries don't get stored.
    * I intend to write a PHP front end to perform queries against the database
    for the syslog events.

    I currently have a project on sourceforge that I was given explicit
    permission from my employer to GPL. I intend to ask for the same in this
    project but I can't guarantee anything. If they don't allow me to GPL the
    project then I intend to re-write it for home use which I will GPL.

    Now, I haven't really answered your question in a decent manner yet. No, I
    don't currently have an idea of a good solution to your dilemma. I couldn't
    find one which is why I am writing my own. However, if you or anyone else
    has a better solution then I would love to hear it. Why re-invent the
    wheel? :)

    - Jim

    ------------------------------------
    Jim Conner | Systems Administrator
    310.209.5487 | http://www.lrn.com
    LRN -- The Legal Knowledge Network
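
The loading step described in the reply above, as an added example that is not Jim's Perl program or part of the original thread: it splits PIX and iptables entries from system messages and lets a unique key reject duplicates. The table layout, the choice of key, SQLite standing in for MySQL, and the sample lines are all assumptions.

```python
import re
import sqlite3

# BSD-style syslog line: "Mmm dd hh:mm:ss host message"
LINE = re.compile(r"^(\w{3} [ \d]\d \d\d:\d\d:\d\d) (\S+) (.*)$")
PIX = re.compile(r"%PIX-\d-\d+: ")                               # Cisco PIX message tag
IPTABLES = re.compile(r"\bIN=\S* OUT=\S* .*\bSRC=\S+ DST=\S+ ")  # LOG target fields

# Assumed schema: the UNIQUE key is what keeps duplicate entries out.
SCHEMA = """
CREATE TABLE firewall (ts TEXT, host TEXT, kind TEXT, msg TEXT, UNIQUE (ts, host, msg));
CREATE TABLE system   (ts TEXT, host TEXT, msg TEXT, UNIQUE (ts, host, msg));
"""

def classify(line):
    """Return (table, row) for one syslog line, or None if it does not parse."""
    m = LINE.match(line.rstrip("\n"))
    if not m:
        return None
    ts, host, msg = m.groups()
    if PIX.search(msg):
        return "firewall", (ts, host, "pix", msg)
    if IPTABLES.search(msg):
        return "firewall", (ts, host, "iptables", msg)
    return "system", (ts, host, msg)

def load(lines):
    """Load lines into an in-memory database; return stored rows per table."""
    db = sqlite3.connect(":memory:")
    db.executescript(SCHEMA)
    for line in lines:
        hit = classify(line)
        if hit is None:
            continue              # unparseable input is skipped, not stored
        table, row = hit          # table is one of two fixed names, never log text
        marks = ",".join("?" * len(row))
        # Log text is sender-controlled, so it is only ever passed as a bound parameter.
        db.execute(f"INSERT OR IGNORE INTO {table} VALUES ({marks})", row)
    return {t: db.execute(f"SELECT COUNT(*) FROM {t}").fetchone()[0]
            for t in ("firewall", "system")}

# Constructed sample lines (documentation addresses), including one exact repeat.
SAMPLE = [
    'Apr 20 08:27:01 gw1 kernel: IN=eth0 OUT= MAC=00:11:22:33:44:55:66:77:88:99:aa:bb:08:00 SRC=192.0.2.10 DST=198.51.100.5 LEN=60 TTL=52 PROTO=TCP SPT=4431 DPT=22 SYN',
    'Apr 20 08:27:02 pix1 %PIX-4-106023: Deny tcp src outside:192.0.2.10/4431 dst inside:198.51.100.5/22 by access-group "acl_out"',
    "Apr 20 08:27:03 web1 sshd[2211]: Failed password for root from 192.0.2.10 port 4431 ssh2",
    "Apr 20 08:27:03 web1 sshd[2211]: Failed password for root from 192.0.2.10 port 4431 ssh2",
    "not a syslog line",
]
```

Traditional syslog timestamps carry no year and only one-second resolution, so a key on timestamp, host and message also collapses genuinely repeated events within the same second, such as a burst of failed logins. A per-row hit counter preserves that signal if it matters for detection.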

    -----Original Message-----
    From: aruna [mailto:arunah@slt.lk]
    Sent: Friday, April 16, 2004 10:01 PM
    To: Omar Khawaja; security-basics@securityfocus.com
    Subject: Re: syslog GUI for Linux

    Hello everybody,

    May I also know if there is any availability of a syslog message filter
    via a web interface running on a Linux box.

    Thanks for any help.

    Regards

    aruna
    ----- Original Message -----
    From: "Omar Khawaja" <omarkhawaja@yahoo.com>
    To: <security-basics@securityfocus.com>
    Sent: Thursday, April 08, 2004 9:29 AM
    Subject: syslog GUI for Linux

    > I am looking for a script / application that will allow me to display and
    > intelligently filter (based on time, source, etc.) syslog messages, via a
    > web interface.
    >
    > Through a preliminary search, I have come across a few applications, but
    > none have been updated for the past few years and therefore don't work too
    > well with the newer versions of PHP, MySQL, etc.
    >
    > Any recommendations would be deemed helpful. Thanks.
    >
    > ___
    > Omar Khawaja
    
