Honeypots: RE: centralizing logs

Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Honeypots mailing list archives

RE: centralizing logs

From: "Polazzo Justin" <Justin.Polazzo () facilities gatech edu>
Date: Mon, 15 Mar 2004 12:19:06 -0500

For windows boxes I am currently using the kiwi: cat tools and applog to syslog, for the remote reporting of all 
workstations to a .txt file, which is imported into a MySql database. You can then run queries to notify via SMTP for 
certain events. Although kiwi also has a tool for automating this per host, I have not seen a syslog server side app 
yet.

I dont know if I would consider kiwi open source, they have a free version and a "professional" version, but the free 
version is working fine for me.

jp

 
----Original Message-----
From: dcneting [mailto:zanoramy () streamyx com]
Sent: Thursday, March 11, 2004 7:45 AM
To: honeypots () securityfocus com
Subject: centralizing logs


is there any tool(open source/commercial) that can be use to centralized
every log into 1 database? Im using a lot of tools here like ethereal,
tcpdump,snort..bla bla bla...so, it is hard for me to see the log one by
one...

By Date By Thread

Current thread:

centralizing logs dcneting (Mar 11)
- [Spam Quarantined]Re: centralizing logs Roger A. Grimes (Mar 11)
- Re: centralizing logs SecurIT Informatique Inc. (Mar 11)
- RE: centralizing logs Aditya, ALD [Aditya Lalit Deshmukh] (Mar 12)
- Re: centralizing logs Michael Boman (Mar 13)
- <Possible follow-ups>
- RE: centralizing logs Polazzo Justin (Mar 15)