[logs] Passive Syslog Monitor
Ron A. Dilley
ron.dilley at amgen.com
Fri Jan 25 13:06:47 PST 2008
<blatant self promotion>
List,
I have just posted an update to the Passive Syslog Monitoring Daemon
(http://sourceforge.net/projects/psmd).
Included are tons of bug fixes and a few interesting new features:
  - TCP reassembly of syslog over TCP with logging of lost log data (due to packet loss)
  - TIMEMARK messages to record TZ and clock skew issues

Previous interesting features:
  - Passive syslog monitoring (no listening port required)
  - Time on wire (with year!), Src & Dst MAC and IP address logging
  - MD5/SHA1 hashing of log data archived to disk
  - UDP Forwarding of logs with or without forged source IP

Ron
</blatant self promotion>