Honeypots mailing list archives

Re: centralizing logs


From: "SecurIT Informatique Inc." <securit () iquebec com>
Date: Thu, 11 Mar 2004 13:47:57 -0500

You don't mention which OS you use, so if you're using some flavor of Windows, you could take a look at LogAgent/LogIDS at http://securit.iquebec.com.

LogAgent Open Source is exactly a log centralisation agent, while LogIDS can be used to analyze and display them. I am currently working on a new console design that should also be available in a couple of weeks from now.

It won't put your logs into a database, but it can be used to streamline your logs together (i.e., make sure they are all comma-delimited), it will convert them to ASCII in the case of the Event Viewer, and from there they can easily be imported into any DB software or into a spreadsheet.

Hope this helps.

Adam Richard
SécurIT Informatique Inc.

At 07:44 AM 11/03/2004, dcneting wrote:

Is there any tool (open source/commercial) that can be used to centralize
every log into 1 database? I'm using a lot of tools here like ethereal,
tcpdump, snort... bla bla bla... so it is hard for me to see the log one by
one...



