[Bug 198741] New port: security/sagan: Security tool to alert on log files

bugzilla-noreply at freebsd.org
Fri Mar 20 15:30:23 UTC 2015


https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=198741

            Bug ID: 198741
           Summary: New port: security/sagan: Security tool to alert on
                    log files
           Product: Ports & Packages
           Version: Latest
          Hardware: Any
                OS: Any
            Status: New
          Severity: Affects Only Me
          Priority: ---
         Component: Individual Port(s)
          Assignee: freebsd-ports-bugs at FreeBSD.org
          Reporter: shadowbq at gmail.com

Created attachment 154580
  --> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=154580&action=edit
Initial Shar file

Sagan uses a 'Snort like' engine and rules to analyze logs.

Sagan is an open source (GNU/GPLv2) high performance, real-time log
analysis & correlation engine.  It is written in C and uses a
multi-threaded architecture to deliver high performance log & event
analysis.

The Sagan structure and Sagan rules work similarly to the
Sourcefire "Snort" IDS engine. This was intentionally done to maintain
compatibility with rule management software (oinkmaster/pulledpork/etc)
and allows Sagan to correlate log events with your Snort IDS/IPS
system. Since Sagan can write to Snort IDS/IPS databases via
unified2/barnyard2, it is compatible with all Snort "consoles".
For example, Sagan is compatible with Snorby [http://www.snorby.org],
Sguil [http://sguil.sourceforge.net], BASE, and the Prelude IDS
framework! (to name a few).

For more information, please visit the Sagan web site:
WWW: http://sagan.quadrantsec.com.

-- 
You are receiving this mail because:
You are the assignee for the bug.

