[Novalug] Looking for sample system and event logs..
Scott Musman
musman at aug-sys.com
Wed Apr 2 22:07:23 EDT 2008

Ken,

Yes, you've got the idea.. Unfortunately repurposing these things isn't
particularly a great idea. Marcus Ranum already tried it with logbayes:
http://www.ranum.com/security/computer_security/code/index.html
and unfortunately I could probably also give you a bunch of
techno-babble about why the Bayesian analysis done for spam isn't quite
right for logfile analysis..

You've got the right idea though.. The question now is.. If I build it,
would you use it?

-- Scott

On Wed, 2008-04-02 at 22:07 -0400, Ken Kauffman wrote:
> Doesn't the Bayesian logic in spamassassin do this type of analysis?
> You might be able to just re-purpose it for this type of analysis.
>
> Ken
>
> On Wed, Apr 2, 2008 at 10:05 PM, Shawn Wells <swells at redhat.com>
> wrote:
>
> greg pryzby wrote:
> http://www.splunk.com/
>
> Not sure there is anything cooler than this app for
> processing ANY logs, not as fast.
>
> Of course if you have something that does, I will get
> you funding for a small piece of the action :P
>
>
> php-syslog-ng?
>
>
> _______________________________________________
> Novalug mailing list
> Novalug at calypso.tux.org
> http://calypso.tux.org/cgi-bin/mailman/listinfo/novalug