I have a program called Catalyst [1] that I have been developing for the past while.

[1] http://nrrrd.net/catalyst/

More specifically:

[2] http://nrrrd.net/catalyst/slim.html

System Log Intrusion Monitor (SLIM) is an extension to Catalyst that allows for (in brief, read more on the latter link, [2]):

* Log/event and host based intrusion detection
* Active, real-time analysis and response
* Powerful administration and management
* Flexible network integration
* Integrates into existing network management systems
* Hierarchical, rule-based directives
* Variable source inputs
* Directive and source grouping/classing
* Session generation and tracking
* Event, history, and session correlation
* Thresholds (floor and ceiling)
* Event throttling/quenching
* Actions and Counteractions
* Simple mail and pager templates
* Database archival and stacked log module queuing

Combined with other modules, Catalyst and SLIM provide for an extremely controllable and flexible framework for all logging needs.

I have been debating on releasing this somewhere within the open source initiative, but I haven't decided on a license yet. At the moment, I will make it available under a non-disclosure agreement. If you are interested in obtaining a copy, please email me and we'll go from there.

Regards,
Nathan
This archive was generated by hypermail 2b30 : Mon Aug 20 2001 - 13:01:04 PDT