[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

NEW: security/sec

SEC is a free and platform independent event correlation tool that
was designed to fill the gap between commercial event correlation
systems and homegrown solutions that usually comprise of a few
simple shell scripts. SEC accepts input from regular files, named
pipes, and standard input, making it suitable to employ with any
application that is able to write its output to a file stream. The
SEC configuration is stored in text files as rules, each rule
specifying an event matching condition, an action list, and optionally
a Boolean expression whose truth value decides whether the rule can
be applied at a given moment. Regular expressions are used for
defining event matching conditions, and output events can be produced
by executing user-specified shell scripts or programs (e.g., snmptrap
or mail), by writing messages to pipes or files, and by various
other means.

Please test and comment.

Okan Demirmen <okan_(_at_)_demirmen_(_dot_)_com>
PGP-Key: http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xB3670934
PGP-Fingerprint: 226D B4AE 78A9 7F4E CD2B 1B44 C281 AF18 B367 0934