On May 23, 2015 10:42, "Predrag Punosevac" <[email protected]> wrote:
>
> 5. Finally I am open for simpler ideas. Any opinions on sysutils/logfmon
> Is it possible to visualize on the web output from logfmon?
>
> Best,
> Predrag Punosevac
>
There is another aspect to log analysis tools that bothers me the most: why must we risk system security to review log files? Any of the tools that "work well" open you up to web vulnerabilities, or cost money in the case of Splunk. I have not had time to work on it, but I would like to create a tool that avoids all of the issues of running a web service or requiring Java. My interest is in UNIX system logs and IDS/IPS events, with full packet captures. The simplest form I have used is with automated processing of IDS events, firewall logs, and full pcap data as static files shared on a webserver. I would be interested in a CLI log viewer with ncurses, or scripted output (maybe using pipecut to process data as you search for what you want in the simplest UNIX way).

--
Michael Shirk
Daemon Security, Inc.
http://www.daemon-security.com

