[prev in list] [next in list] [prev in thread] [next in thread]
List: syslog-ng
Subject: Re: [syslog-ng] SEC and slct
From: sawall <sawall () gmail ! com>
Date: 2006-08-25 17:32:51
Message-ID: 870bf9090608251032m8141c54hb0a1cbce1036c170 () mail ! gmail ! com
[Download RAW message or body]
[Attachment #2 (multipart/alternative)]
For SEC related questions, you may want to post to their mailing list.
But what I do is use syslog-ng to take in my syslogs and send to specific
files, depending on my needs. I start SEC as a service and it uses the
various syslog-ng files as input (sec option -input).
So you start SEC with all the appropriate options and a config file. SEC
watches the syslog-ng file as it's being written to and monitors for matches
based on your SEC config file.
HTH,
Chris
On 8/25/06, Brian Loe <knobdy@gmail.com> wrote:
>
> So... I'm look at these applications and trying to figure out how best
> to implement them - does anyone have thoughts?
>
> I guess I haven't read enough of the man page yet, but I'm still not
> even sure how the SEC config file works (what you put into it)! But,
> both apps look promising - and the SEC page mentions another tool I'm
> going to check out as well...
> _______________________________________________
> syslog-ng maillist - syslog-ng@lists.balabit.hu
> https://lists.balabit.hu/mailman/listinfo/syslog-ng
> Frequently asked questions at http://www.campin.net/syslog-ng/faq.html
>
>
[Attachment #5 (text/html)]
For SEC related questions, you may want to post to their mailing list.<br><br>But \
what I do is use syslog-ng to take in my syslogs and send to specific files, \
depending on my needs. I start SEC as a service and it uses the various \
syslog-ng files as input (sec option -input). <br><br>So you start SEC with \
all the appropriate options and a config file. SEC watches the syslog-ng file \
as it's being written to and monitors for matches based on your SEC config \
file.<br><br>HTH,<br>Chris<br><br><br> <div><span class="gmail_quote">On 8/25/06, <b \
class="gmail_sendername">Brian Loe</b> <<a \
href="mailto:knobdy@gmail.com">knobdy@gmail.com</a>> wrote:</span><blockquote \
class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt \
0pt 0.8ex; padding-left: 1ex;"> So... I'm look at these applications and trying to \
figure out how best<br>to implement them - does anyone have thoughts?<br><br>I guess \
I haven't read enough of the man page yet, but I'm still not<br>even sure how the SEC \
config file works (what you put into it)! But, <br>both apps look promising - and the \
SEC page mentions another tool I'm<br>going to check out as \
well...<br>_______________________________________________<br>syslog-ng \
maillist - <a href="mailto:syslog-ng@lists.balabit.hu"> \
syslog-ng@lists.balabit.hu</a><br><a \
href="https://lists.balabit.hu/mailman/listinfo/syslog-ng">https://lists.balabit.hu/mailman/listinfo/syslog-ng</a><br>Frequently \
asked questions at <a href="http://www.campin.net/syslog-ng/faq.html"> \
http://www.campin.net/syslog-ng/faq.html</a><br><br></blockquote></div><br>
_______________________________________________
syslog-ng maillist - syslog-ng@lists.balabit.hu
https://lists.balabit.hu/mailman/listinfo/syslog-ng
Frequently asked questions at http://www.campin.net/syslog-ng/faq.html
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic