[logs] Analyzing tons of logs
James Turnbull
james at lovedthanlost.net
Thu Mar 29 21:28:35 PDT 2007
On Fri, 30 Mar 2007 08:57:33 +0530, "Chetan Gupta" <chetangupta01 at gmail.com> wrote:
> How about sguil? That's an NSM tool I guess. Has anyone tried it?
I am a fan of sguil - it's powerful and well designed (IMHO) but I am not sure it will scale to meet your requirements. It's also primarily focussed on IDS (principally Snort) data. You'd need to customize it to deal with some other kinds of data.
Regards
James Turnbull