log rendering in real time in audit-viewer

Pittigher, Raymond - Exelis Raymond.Pittigher at exelisinc.com
Thu Mar 5 12:45:37 UTC 2015


Free or pay for solutions? You have products like Splunk and greybar that do a good job. ManageEngine also has a log viewer that works OK. You will just need to pass audit logs to syslog to use most products.
-
Ray Pittigher
--Exelis Inc, Clifton NJ
--phone 973-284-2275
--email raymond.pittigher at exelisinc.com
________________________________________
From: linux-audit-bounces at redhat.com [linux-audit-bounces at redhat.com] on behalf of Xeniya Muratova [muratova at itsirius.su]
Sent: Wednesday, March 04, 2015 8:42 AM
To: mitr at redhat.com; linux-audit at redhat.com
Subject: log rendering in real time in audit-viewer

Hello Miloslav, and all the guys!

We use audit-viewer for events monitoring.
Unfortunately, if some log is rather big it takes too much time for audit-viewer to parse and render it.
Besides, we need to render log updates in real time, i.e. when a new line appears in a log, it should appear in a viewer too.
Can you suggest a better way to extend audit-viewer to meet these requirements?
Thanks in advance.

Kseniya Muratova,
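
The two requirements in the question above (no full re-parse of a large log, and new lines appearing as they are written) can both be met by remembering a byte offset and parsing only what was appended since. The following is an added example, not audit-viewer code and not from either poster; `AuditFollower` is a hypothetical name, the sample lines are constructed, and rotation is detected by file size only.

```python
import os
import re
import tempfile

# Header of every auditd record: type=SYSCALL msg=audit(1425559537.101:4242): ...
HEADER = re.compile(r"^type=(\S+) msg=audit\((\d+\.\d+):(\d+)\): ?(.*)$")

class AuditFollower:
    """Return only the records appended since the previous poll()."""

    def __init__(self, path):
        self.path = path
        self.offset = 0      # byte position of the first unread byte
        self.partial = b""   # start of a line that was not yet complete

    def poll(self):
        size = os.path.getsize(self.path)
        if size < self.offset:           # file rotated or truncated: start over
            self.offset, self.partial = 0, b""
        with open(self.path, "rb") as fh:
            fh.seek(self.offset)
            data = self.partial + fh.read()
            self.offset = fh.tell()
        lines = data.split(b"\n")
        self.partial = lines.pop()       # empty if data ended with a newline
        records = []
        for raw in lines:
            m = HEADER.match(raw.decode("utf-8", "replace"))
            if m:                        # serial lets a viewer group records per event
                rtype, ts, serial, body = m.groups()
                records.append({"type": rtype, "time": float(ts),
                                "serial": int(serial), "body": body})
        return records

def demo():
    # Constructed sample lines; the third is cut off mid-write on purpose.
    first = (b"type=SYSCALL msg=audit(1425559537.101:4242): arch=c000003e syscall=2\n"
             b"type=PATH msg=audit(1425559537.101:4242): item=0 name=\"/etc/passwd\"\n"
             b"type=USER_LOGIN msg=audit(1425559540.")
    rest = b"250:4243): pid=901 uid=0 res=success\n"
    with tempfile.NamedTemporaryFile(delete=False) as fh:
        fh.write(first)
    follower = AuditFollower(fh.name)
    batch1 = follower.poll()             # two complete records, one held back
    with open(fh.name, "ab") as out:
        out.write(rest)
    batch2 = follower.poll()             # only the newly completed record
    os.unlink(fh.name)
    return batch1, batch2
```

A viewer would call `poll()` from a timer or a file-change notification and append the returned records to its existing model instead of rebuilding it.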
