[syslog-ng] Does syslog-ng support triggers?
Ed Ravin
eravin at panix.com
Fri Oct 10 21:35:29 CEST 2008
On Fri, Oct 10, 2008 at 06:02:51PM +0100, Luís Miguel Silva wrote:
> We are suffering a lot of attacks against our webmail servers and would
> like to use this to try and trigger an alarm
> against brute force connections.
syslog-ng is a great program, but it's not a IDS or IPS.
try swatch, fail2ban, simple event correlator, snort, or some other
program that is designed to work in the event monitor / trigger action
space.
More information about the syslog-ng
mailing list