[syslog-ng] Syslog-NG and SEC (perl based event correlation engine)

wiskbroom at hotmail.com wiskbroom at hotmail.com
Thu Mar 6 22:11:01 CET 2008

Hello all;

I currently have all of my syslog-ng output (DEST) going to flat-files as well as MySQL. I would like to begin using SEC (Perl-based event correlation engine) to further parse events and create more alerts (SMS pages and emails) as well as additional syslog message insertions (via logger, I think).

I am looking to find out if anyone is using SEC, and in what way? I.e., are you running it as a DEST in syslog-ng.conf, or are you running it via a FIFO file? Or what?

Also, I am looking for SEC config files that I could use as a good basis for my own, where my environment is heterogeneous with Windows, Cisco, Linux, Solaris, etc.

Many thanks in advance,

