[logs] Passive Syslog Monitor Jan 25 2008 09:06PM
Ron A. Dilley (ron dilley amgen com)
<blatant self promotion>


I have just posted an update to the Passive Syslog Monitoring Daemon

Included are tons of bug fixes and a few interesting new features:

TCP reassembly of syslog over TCP with logging of lost log data (due to packet loss)
TIMEMARK messages to record TZ and clock skew issues

Previous interesting features:

Passive syslog monitoring (no listening port required)
Time on wire (with year!), Src & Dst MAC and IP address logging
MD5/SHA1 hashing of log data archived to disk
UDP Forwarding of logs with or without forged source IP


</blatant self promotion>
LogAnalysis mailing list
LogAnalysis (at) loganalysis (dot) org

Copyright 2010, SecurityFocus