[Ok, full disclosure, I work for LogLogic, so feel free to junk this if you consider all vendor speak spam :) ]

A quick bit of news: LogLogic today open sourced (GPL) Project Lasso, a centralized Windows event collector. The original code base came from SNARE, but now, due to the different nature of the collection mechanism, there's about 20-25% of the SNARE code left in it. Most of the common code is around message expansion. In fact, the Lasso messages will appear to the users exactly the same as SNARE. So if you already have a parser that can parse SNARE messages, you can parse Lasso messages as well.

Lasso is a LogLogic-sponsored and community-supported collector that can

- perform multi-threaded remote event collection of multiple Windows machines
- reliable transportation using TCP syslog (syslog-NG compatible)
- data buffering when network connection is down
- support for custom application event logs

We are trying to get this on SourceForge, but those guys are a bit slow in setting up new projects. So for now, you can download the binary and source from http://loglogic.com/logforge/.

I would love to hear from this list your thoughts and comments. Don't feel obligated to love it, you can bash it as well if we did something stupid. We are always looking to make it better.

Thanks
Jian

--
Jian Zhen <jlz@private>
zhen.org, anzel.net

_______________________________________________
LogAnalysis mailing list
LogAnalysis@private
http://lists.shmoo.com/mailman/listinfo/loganalysis
This archive was generated by hypermail 2.1.3 : Mon May 01 2006 - 21:32:34 PDT