[cgl_discussion] FYI - PoC Tracking Sheets updated

Ling, Xiaofeng xiaofeng.ling at intel.com
Mon Jun 23 17:50:51 PDT 2003


ok, I see. Thanks.

> -----Original Message-----
> From: Fleischer, Julie N 
> Sent: Tuesday, June 24, 2003 5:34 AM
> To: Ling, Xiaofeng; cgl_discussion at osdl.org
> Subject: RE: [cgl_discussion] FYI - PoC Tracking Sheets updated
> 
> 
> > Hi, Julie
> >  I have done some evaluation for "antomated log analysis",
> >    I notice in this sheet, it is said the LogWatch do not 
> > have alarms capability. I'm not quite sure 
> >   about what alerm means. Does email belong an alerm? 
> > LogWatch has email function. Can this
> > meet the requirment?
> 
> Ling Xiaofeng -
> I view an alarm as an alert that happens in direct response 
> to suspicious activity.  Email is an acceptable method for 
> generating an alarm; however, my interpretation of LogWatch 
> was that it could not email in direct response to suspicious 
> activity.  Instead, LogWatch sends the owner a report at a 
> regularly scheduled time (and it's up to the owner to do the 
> "analysis" of seeing if there is suspicious activity).  
> Swatch, on the other hand, can be configured to email the 
> owner as soon as the word "unauthorized," for example, is 
> seen in a log file.
> - Julie
> 
> **These views are not necessarily those of my employer.**
> 
>  
> 
> _______________________________________________
> cgl_discussion mailing list
> cgl_discussion at lists.osdl.org
> http://lists.osdl.org/mailman/listinfo/cgl_discussion
> 




More information about the cgl_discussion mailing list