Irregular Expressions

Jul 19 2010   2:57PM GMT

Open Source Event Correlation System

Dan O'Connor

This application was mentioned on the isc.sans.edu blog. I finally had some time to read it, and it looks really nice.

http://sagan.softwink.com/

It’s the same idea as a Cisco MARS or RSA enVision system: it uses Snort-style rules to parse syslog information and generate alerts and logging.

I am going to be installing this soon. I can’t wait to start going through my logs and generating alerts!
