This would typically be one of those threads for the Linux Security forum... Anyway. If you're talking generic reporting I favour Logwatch. It's FOSS, it's being developed and maintained, doesn't hog resources, only needs Perl, is easily configurable, can be run at any given time with any given set of logs and is easily extendible, as shown here, here and here.
Doesn't mean Logwatch is good for everything. For Iptables you might want something else, and the same goes for your MTA and other daemons. The only source on the 'net dedicated to log analysis is www.loganalysis.org; next to that, Freshmeat and Sourceforge will show a lot of reporting tools for specific needs.