[syslog-ng] SEC and slct
sawall
sawall at gmail.com
Fri Aug 25 19:32:51 CEST 2006
For SEC related questions, you may want to post to their mailing list.
But what I do is use syslog-ng to take in my syslogs and send to specific
files, depending on my needs. I start SEC as a service and it uses the
various syslog-ng files as input (sec option -input).
So you start SEC with all the appropriate options and a config file. SEC
watches the syslog-ng file as it's being written to and monitors for matches
based on your SEC config file.
HTH,
Chris
On 8/25/06, Brian Loe <knobdy at gmail.com> wrote:
>
> So... I'm look at these applications and trying to figure out how best
> to implement them - does anyone have thoughts?
>
> I guess I haven't read enough of the man page yet, but I'm still not
> even sure how the SEC config file works (what you put into it)! But,
> both apps look promising - and the SEC page mentions another tool I'm
> going to check out as well...
> _______________________________________________
> syslog-ng maillist - syslog-ng at lists.balabit.hu
> https://lists.balabit.hu/mailman/listinfo/syslog-ng
> Frequently asked questions at http://www.campin.net/syslog-ng/faq.html
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.balabit.hu/pipermail/syslog-ng/attachments/20060825/9a62a130/attachment.html
More information about the syslog-ng
mailing list