[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[cobalt-security] httpd log analyzer

Subject: [cobalt-security] httpd log analyzer
From: "Rob Moore" <rob.moore@xxxxxxxxxxxxxxx>
Date: Thu, 22 Nov 2001 10:32:10 -0000
List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>

Hello there,

I recently downloaded and deployed a really neat monitoring package called
logcheck
(got it from http://www.psionic.com/abacus/logcheck) which does some rather
nifty
monitoring of security violations, packet filter logs, etc and emails the
results.
It sits as a cron service, skims through /var/log/messages and picks out
anything unusual
that happened in the last 15 minues. It doesn't alter /var/log/messages in
any way.

Now, my question: has anyone seen anything like this to monitor the apache
httpd log files (/var/log/httpd/...) to report any violations, eg. code red
scans, etc. and email the
results? It should not alter the log files in any way as that would affect
the webalizer
splitting, etc.

Anyone any ideas? Thanks in advance

Rob

Follow-Ups:
- Re: [cobalt-security] httpd log analyzer
  - From: Gerald Waugh

Prev by Date: Re: [cobalt-security] [SECURITY WARNING] All Neomail users
Next by Date: Re: [cobalt-security] httpd log analyzer
Previous by thread: [cobalt-security] Port Scans - what they use
Next by thread: Re: [cobalt-security] httpd log analyzer

Sun Cobalt Security Message Index

Sun Cobalt Security Thread Index