Syslog Analyzer?


Hi... In SDM you can get some stats on top attackers and ports. However, when the log grows large it is impossible to use SDM for this.

I have now set it up to log to a Syslog Server (Kiwi). However, there you just get the whole string/text (port, source, target...) in one field and it's not possible to get any stats out of that.

Are there any recommended tools that split this up and give better stats? Licensed and/or freeware?
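Since the whole ACL message arrives in one syslog field, the stats have to come from parsing it. The following is an added example, not code from the original post or from any product named here: it splits the Cisco IOS `%SEC-6-IPACCESSLOGP` message format into source, destination, protocol and port fields and totals denied packets per source and per destination port. The log lines are constructed samples, not captured logs.

```python
import re
from collections import Counter

# Constructed sample lines in the Cisco IOS ACL logging format that a router
# forwards to a syslog server (e.g. Kiwi); these are not real captured logs.
SAMPLE_LOGS = """\
Mar 28 16:20:01 10.0.0.1 1234: *Mar 28 16:20:00.123: %SEC-6-IPACCESSLOGP: list 101 denied tcp 203.0.113.7(51234) -> 192.0.2.10(22), 1 packet
Mar 28 16:20:05 10.0.0.1 1235: *Mar 28 16:20:04.001: %SEC-6-IPACCESSLOGP: list 101 denied tcp 203.0.113.7(51235) -> 192.0.2.10(23), 3 packets
Mar 28 16:21:10 10.0.0.1 1236: *Mar 28 16:21:09.555: %SEC-6-IPACCESSLOGP: list 101 denied udp 198.51.100.4(1025) -> 192.0.2.10(161), 1 packet
Mar 28 16:22:00 10.0.0.1 1237: *Mar 28 16:21:59.900: %SEC-6-IPACCESSLOGP: list 101 denied tcp 203.0.113.9(40000) -> 192.0.2.11(22), 2 packets
Mar 28 16:22:30 10.0.0.1 1238: *Mar 28 16:22:29.000: %SYS-5-CONFIG_I: Configured from console by admin on vty0 (10.0.0.50)
"""

# Regex for the IPACCESSLOGP variant (TCP/UDP with ports). The trailing packet
# count is how many hits the ACL counted in the logging interval, so stats are
# weighted by it rather than by number of log lines.
ACL_RE = re.compile(
    r"%SEC-6-IPACCESSLOGP: list (?P<acl>\S+) (?P<action>denied|permitted) "
    r"(?P<proto>\w+) (?P<src>[\d.]+)\((?P<sport>\d+)\) -> "
    r"(?P<dst>[\d.]+)\((?P<dport>\d+)\), (?P<count>\d+) packet"
)

def parse_acl_lines(text):
    """Yield one dict per ACL log line; lines from other facilities are skipped."""
    for line in text.splitlines():
        m = ACL_RE.search(line)
        if m:
            rec = m.groupdict()
            rec["count"] = int(rec["count"])
            rec["sport"] = int(rec["sport"])
            rec["dport"] = int(rec["dport"])
            yield rec

def top_stats(text, action="denied", n=5):
    """Return (top_sources, top_dst_ports): lists of (key, packet_total) pairs."""
    sources, ports = Counter(), Counter()
    for rec in parse_acl_lines(text):
        if rec["action"] != action:
            continue
        sources[rec["src"]] += rec["count"]
        ports[(rec["proto"], rec["dport"])] += rec["count"]
    return sources.most_common(n), ports.most_common(n)

if __name__ == "__main__":
    top_src, top_ports = top_stats(SAMPLE_LOGS)
    print("Top denied sources:", top_src)
    print("Top denied destination ports:", top_ports)
```

Point it at an exported Kiwi log file instead of `SAMPLE_LOGS` to get the same per-source and per-port totals over the whole history.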

MetaDesignSuisseAG Sat, 03/28/2009 - 16:26

Hi,

Maybe have a try with Splunk (www.splunk.com); they have a free version, which can analyze logs of up to 500MB/day. It is database based and very fast; you can run it on Linux, MacOS and Windows machines.

best

andy
