If you are just looking for some sort of web interface for syslog messages,
there are a lot of CGIs out there. I use a combination of syslog-ng and
MySQL, with php-syslog-ng as a web interface. It allows you to filter based
off of alert level, and host, among other things. It also has its own access
control mechanism (how secure, I do not know).
On 4/6/07, Vincent Bernat <[EMAIL PROTECTED]> wrote:
OoO On this lightning-streaked night of Tuesday 03 April 2007, around 02:26,
"Daniel Cid" <[EMAIL PROTECTED]> said:
> On Unix (and any operating system), when a process is listening on a specific
> port, no other process is allowed to use it. So, if you have ossec listening on
> port 514, splunk is not going to be able to use it. What you can do is disable
> remote syslog on ossec, enable your syslog server to receive remote messages
> and configure ossec and splunk to read from the files directly.
BTW, does someone know an open source alternative to Splunk?
--
Indent to show the logical structure of a program.
- The Elements of Programming Style (Kernighan & Plauger)
--
Thx
Joshua Gimer