30 Nov
2010
30 Nov
'10
10:09 a.m.
On 2010-11-30, Supratik Goswami wrote:
Can you please suggest me some solution on how to overcome this situation.
My main purpose is to invoke the script which will send an alert mail only when there is a match of "attackalert" found in the log file.
For goals like yours, I'd recommend Simple Event Correlator, which was made exactly for this kind of job. See: http://simple-evcorr.sourceforge.net/ http://sixshooter.v6.thrupoint.net/SEC-examples/article.html HTH, -- Jakub Jankowski|shasta@toxcorp.com|http://toxcorp.com/ GPG: FCBF F03D 9ADB B768 8B92 BB52 0341 9037 A875 942D