Educause Security Discussion mailing list archives

Re: Network flow log consolidation


From: Steve Bernard <sbernard () GMU EDU>
Date: Tue, 25 Apr 2006 19:19:30 -0400

----- Original Message -----
From: "Jenkins, Matthew" <mjenkins7 () FAIRMONTSTATE EDU>
Date: Tuesday, April 25, 2006 4:32 pm
Subject: Re: [SECURITY] Network flow log consolidation

Speaking of MARS, does anyone know of an open source application
for collecting logs off of Cisco IDS modules?  MARS wasn't in the
budget this year :-)

Matt

Matthew Jenkins
Network/Server Administrator
Fairmont State University
304.367.4955
Visit us online at www.fairmontstate.edu
----- End Original Message -----

You may want to take a look at 'flow-tools'.  CAIDA used to support a couple of applications, 'cflowd' and 'flowscan', but they are no longer active or supported.

http://www.splintered.net/sw/flow-tools/
http://www.caida.org/tools/measurement/cflowd/
http://www.caida.org/tools/utilities/flowscan/

There's also a tool called 'Stager'.

http://software.uninett.no/stager/

You may find something useful at the 'Loganalysis.org' site too.

http://loganalysis.org/


Hope this helps.


Steve Bernard
sbernard () gmu edu
