Log analysis server suggestions?
on at cs.ait.ac.th
Thu Feb 16 18:51:57 PST 2006
> As for searching / analysis, I've seen php-syslog-ng
> ( http://www.vermeer.org/projects/php-syslog-ng ), which looks very basic,
> and phpLogCon ( http://www.phplogcon.com/ ), which does not support PG
> anyway. Is there anything better GUI-wise?
As for the log analysis, I remember attending a security seminar where
the conclusion was that a good log analysis system should let you
define what events are unimportant and could be ignored so that all
other events, including the unexepected ones are shown as important
and requiring action.
More information about the freebsd-questions