LinuxQuestions.org
Visit Jeremy's Blog.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices


Reply
  Search this Thread
Old 11-20-2003, 07:37 PM   #1
jdruin
Member
 
Registered: Jul 2003
Location: Louisville aka Derby City
Distribution: WinXP SP2 and SP3, W2K Server, Ubuntu
Posts: 313

Rep: Reputation: 30
Question What is a good logfile scanner/tool to help monitor logfiles?


I need help looking at all the log files on my server. There are too many files to watch all the time. What is the best way to automate watching the logfiles. I heard a program called SWATCH is good but have never used it. Both opinions and facts appreciated.
 
Old 11-20-2003, 07:37 PM   #2
jdruin
Member
 
Registered: Jul 2003
Location: Louisville aka Derby City
Distribution: WinXP SP2 and SP3, W2K Server, Ubuntu
Posts: 313

Original Poster
Rep: Reputation: 30
BTW, I am running RedHat 8 and 9. The server runs PGSQL, HTTPD, and POP3 mail.
 
Old 11-20-2003, 10:44 PM   #3
Scruff
Member
 
Registered: Oct 2002
Location: Stoughton, MA
Distribution: Gentoo x86_64 & PPC
Posts: 949

Rep: Reputation: 30
Logcheck seems to be working excellent for me. It runs through the logs looking for keywords, then emails you with any possible security concerns. It is rather verbose with the default config, but you can tailor it as you see fit with 'ignore' words, etc.

I have it emailing me (WAN) in case an intruder was to try and delete my local mail to cover his/her tracks. It's set up as a cron job.

Check it out! Just be sure to read the docs it comes with before/during installation to save yourself some headaches.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Shell scripting: Print output to logfile, error to logfile & screen stefanlasiewski Programming 18 05-22-2008 12:47 PM
Any tool for analyzing Samba logfiles? mark1 Linux - Networking 2 08-07-2004 11:14 AM
Proxy scanner tool with GUI needs testers gt73 Linux - Software 1 05-05-2004 09:34 AM
how to monitor logfiles ganninu Linux - General 4 12-07-2003 06:36 AM
web based tool for scanner potlamurali Linux - Software 0 05-01-2003 08:09 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 11:31 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration