On Thursday 13 November 2008 at 03:09 (CET), ahsiangsiang wrote: > I looking for a central audit event collection, analysis, reporting system > for Linux, Unix and Windows based box. Snare server by InterSect Alliance > look to solve my problem but it a commercial product. > > Anyone can give me a helpful hand?
We use (nt)syslog + sec for that. All *nix and windows machines log to a central logging host (linux box with syslogd -r running). The log files of this central host is being filtered by sec and mailed to the sysadmins. http://ntsyslog.sourceforge.net/ http://kodu.neti.ee/~risto/sec/ -- Regards, Ruben -- ubuntu-server mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-server More info: https://wiki.ubuntu.com/ServerTeam
