Hello there, I recently downloaded and deployed a really neat monitoring package called logcheck (got it from http://www.psionic.com/abacus/logcheck) which does some rather nifty monitoring of security violations, packet filter logs, etc and emails the results. It sits as a cron service, skims through /var/log/messages and picks out anything unusual that happened in the last 15 minues. It doesn't alter /var/log/messages in any way.
Now, my question: has anyone seen anything like this to monitor the apache httpd log files (/var/log/httpd/...) to report any violations, eg. code red scans, etc. and email the results? It should not alter the log files in any way as that would affect the webalizer splitting, etc. Anyone any ideas? Thanks in advance Rob _______________________________________________ cobalt-security mailing list [EMAIL PROTECTED] http://list.cobalt.com/mailman/listinfo/cobalt-security
