simple-evcorr.sourceforge.net (sec.pl)
the rules are a bit of a bear to learn, but it can do anything.
300 syslogs/second using ~5% cpu and 20MB of ram with 600+ rules.
On 06/08/2012 04:26 PM, Nataraj wrote:
> I'm looking for a logfile scanner that can search for regular
> expressions in logfiles and send immediate email notifications. I'd
> like to try to find something that doesn't use huge amounts of memory.
> I'm currently running fail2ban and used it to do some of this scanning,
> but I'm finding that it can suck up memory and CPU resources when there
> is a lot of logging going on.
>
> I am aware of swatch, but most people say that it is pretty resource
> intensive as well. I came across logsurfer in google search and was
> wondering if anyone has experience with it or what other good
> alternatives might exist.
>
> While fancy features are nice, I'm willing to forgo them for lower
> resource consumption.
>
> Thanks,
> Nataraji
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos
