Hi,

I'm using NSM by Intellitactics (even if it's expensive, as Antonio Minucci wrote). It's an Enterprise Security Management platform, which can listen for SNMP traps, SMTP messages and syslog events and store them in a unique DB. After it collects a message, it is translated into a homogeneous record structure.

It can understand syslog events coming from:
- Solaris v8.0
- Cisco IOS v12.x
- other security devices

It can also understand Linux syslog (I collect logs from a Debian mail server).

It also has very powerful analysis and correlation features (there is a visual rule system for its customization). It can present data stored in its DB through a web interface, showing tables and graphs.

For more details see: www.itactics.com

If you are seeking a free open source solution, try IPFC: http://www.conostix.com/ipfc/ (I haven't tried it yet)

Other links (for commercial tools):
www.esecurityinc.com
www.netforensics.com

Bye!

----- Original Message -----
From: <cvincentat_private>
To: <loganalysisat_private>
Sent: Tuesday, February 19, 2002 2:13 PM
Subject: [logs] I need a solution

> Hello everybody,
> does anyone know a solution?
>
> I need software that analyses my syslog
> file, which comes from a lot of security equipment like
> firewall, router, event log... and which permits sending
> an alert by mail..., makes statistics on the alerts and
> which doesn't use an agent. I want it to work only with a
> syslog server.
>
> Thanks for your help.
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: loganalysis-unsubscribeat_private
> For additional commands, e-mail: loganalysis-helpat_private
This archive was generated by hypermail 2b30 : Tue Feb 26 2002 - 09:35:53 PST