NetIQ seems to be the product you are looking for, it allows consolidation an correlation of Windows NT/2k logs, Unix (Redhat and Solaris) syslogs, ISS Realsecure, Checkpoint Firewall-1 and even routers/switches.
Best regards, Nicolas. > -----Message d'origine----- > De : Matt [mailto:[EMAIL PROTECTED]] > Envoyé : mardi 14 mai 2002 20:25 > À : [EMAIL PROTECTED] > Objet : Log Help > > > Hi Everyone > I was wondering if there were some suggestions on utilities > to monitor logs > and if anyone has used them ? > > Im looking for a assistant to help me with my log reading. I > know logs are > important and that if I dont read them I am setting myself up > for trouble in > many ways Security wise or other wise. The problem I have is > there is so darn > many of them and being basically a lazy person I want to get > the computer to > help me sort them all and monitor them all. I hate having to > hunt down logs > scattered all over the place, and admittedly linux is tons > better than other > operating systems I have used, its still a pain for me. > Can I scan my logs for keywords and have the bot email me if > it picks up pre > designated phrases or code words? Can I have a bot take > predetermined actions > based on log entries? I want to shift the burden a little bit > onto the > computer and give me more time to think rather than react.... > > Any help , thoughts, comments, suggestions is appreciated. > > Thanks > > Matt >
BEGIN:VCARD
VERSION:2.1
N:Villatte;Nicolas
FN:Nicolas Villatte
ORG:S.W.I.F.T. s.c.;MIS Security Office
TITLE:System & Network Security Engineer
TEL;WORK;VOICE:+32 (02) 655.49.85
TEL;HOME;VOICE:+32 (02) 344.94.05
TEL;CELL;VOICE:+32 (477) 588136
TEL;WORK;FAX:+32 2 6554185
ADR;WORK:;;;;;;Belgique
LABEL;WORK:Belgique
ADR;HOME:;;Rue des châtaignes, 51;Bruxelles;;1190;Belgique
LABEL;HOME;ENCODING=QUOTED-PRINTABLE:Rue des ch=E2taignes, 51=0D=0ABruxelles 1190=0D=0ABelgique
KEY;X509;ENCODING=BASE64:
MIIDETCCAnqgAwIBAgIDBPqcMA0GCSqGSIb3DQEBBAUAMIGSMQswCQYDVQQGEwJaQTEVMBMG
A1UECBMMV2VzdGVybiBDYXBlMRIwEAYDVQQHEwlDYXBlIFRvd24xDzANBgNVBAoTBlRoYXd0
ZTEdMBsGA1UECxMUQ2VydGlmaWNhdGUgU2VydmljZXMxKDAmBgNVBAMTH1BlcnNvbmFsIEZy
ZWVtYWlsIFJTQSAyMDAwLjguMzAwHhcNMDEwNjA3MjA0OTUwWhcNMDIwNjA3MjA0OTUwWjCB
qzERMA8GA1UEBBMIVmlsbGF0dGUxFzAVBgNVBCoTDk5pY29sYXMgUm9iZXJ0MSAwHgYDVQQD
ExdOaWNvbGFzIFJvYmVydCBWaWxsYXR0ZTEuMCwGCSqGSIb3DQEJARYfTmljb2xhcy52aWxs
YXR0ZUBjcmVhdGl2ZXdlYi5iZTErMCkGCSqGSIb3DQEJARYcTmljb2xhcy5WaWxsYXR0ZUBh
ZHZhbHZhcy5iZTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAy7I1BeKpPP8pJim4fZV1
llyU4139oUklJp17qfrE7uTqIiQMwMdICoIr/8MQiVfER8c9RcSQb4num4m0gZ8CbNwpDbQr
ci1aEYhtwBQOdEvp6vANKSdm9gKuCs6pMLHBq4FNFOZ/vHS+GnJZGHLYmNu7s5mejS32Q+ku
UfxIEyECAwEAAaNaMFgwSAYDVR0RBEEwP4EfTmljb2xhcy52aWxsYXR0ZUBjcmVhdGl2ZXdl
Yi5iZYEcTmljb2xhcy5WaWxsYXR0ZUBhZHZhbHZhcy5iZTAMBgNVHRMBAf8EAjAAMA0GCSqG
SIb3DQEBBAUAA4GBAKv9W+31T+EXqhvSTNeRbPFjvDeFKfPERXpuWvRxfrEgsHG/vF6pBdA7
ipsQaPiLa/f0XjnW6jTZM5oc0TinyjJ8yaWG3LUyMvDJrgBYxfJaMfWkoHW7dyhsdvzUVS17
kCcKHrPt8KRtoTNnLmwac8snmpYAp9+3NBtxN7eDXCLP
EMAIL;PREF;INTERNET:[EMAIL PROTECTED]
REV:20020311T185313Z
END:VCARD
smime.p7s
Description: application/pkcs7-signature
