[cgl_discussion] FYI - PoC Tracking Sheets updated
Ling, Xiaofeng
xiaofeng.ling at intel.com
Mon Jun 23 17:50:51 PDT 2003
ok, I see. Thanks.
> -----Original Message-----
> From: Fleischer, Julie N
> Sent: Tuesday, June 24, 2003 5:34 AM
> To: Ling, Xiaofeng; cgl_discussion at osdl.org
> Subject: RE: [cgl_discussion] FYI - PoC Tracking Sheets updated
>
>
> > Hi, Julie
> > I have done some evaluation for "automated log analysis",
> > I notice in this sheet, it is said that LogWatch does not
> > have alarm capability. I'm not quite sure
> > about what alarm means. Does email count as an alarm?
> > LogWatch has an email function. Can this
> > meet the requirement?
>
> Ling Xiaofeng -
> I view an alarm as an alert that happens in direct response
> to suspicious activity. Email is an acceptable method for
> generating an alarm; however, my interpretation of LogWatch
> was that it could not email in direct response to suspicious
> activity. Instead, LogWatch sends the owner a report at a
> regularly scheduled time (and it's up to the owner to do the
> "analysis" of seeing if there is suspicious activity).
> Swatch, on the other hand, can be configured to email the
> owner as soon as the word "unauthorized," for example, is
> seen in a log file.
> - Julie
>
> **These views are not necessarily those of my employer.**
>
>
>
> _______________________________________________
> cgl_discussion mailing list
> cgl_discussion at lists.osdl.org
> http://lists.osdl.org/mailman/listinfo/cgl_discussion
>
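
The distinction drawn in the quoted reply (a report mailed at a scheduled time versus an alarm sent in direct response to a matching log line) can be shown side by side. This is an added example, not code from LogWatch, Swatch or the thread; the function names, the throttle window and the sample log lines are assumptions constructed for illustration.

```python
import re
from collections import Counter

# Constructed sample log: (seconds since start, message). Not from a real system.
SAMPLE_LOG = [
    (0,   "sshd[411]: Accepted password for alice from 10.0.0.5"),
    (12,  "httpd[220]: unauthorized access to /admin from 10.0.0.9"),
    (15,  "httpd[220]: unauthorized access to /admin from 10.0.0.9"),
    (300, "cron[88]: job backup finished"),
    (900, "httpd[220]: unauthorized access to /etc from 10.0.0.7"),
]

PATTERN = re.compile(r"unauthorized", re.IGNORECASE)


def scheduled_report(log, report_time):
    """Report model: nothing is sent until report_time; the owner reads a summary."""
    hits = Counter(msg for ts, msg in log if ts <= report_time and PATTERN.search(msg))
    body = "\n".join(f"{n}x {msg}" for msg, n in hits.items())
    return [(report_time, body)] if hits else []


def realtime_alarms(log, throttle=60):
    """Alarm model: notify as each matching line is read, suppressing repeats
    of the same message inside the throttle window (seconds, assumed value)."""
    last_sent = {}
    sent = []
    for ts, msg in log:
        if not PATTERN.search(msg):
            continue
        if msg in last_sent and ts - last_sent[msg] < throttle:
            continue  # same event seen recently; do not flood the mailbox
        last_sent[msg] = ts
        sent.append((ts, msg))  # a real deployment would send mail here
    return sent


def notification_delay(log, notifications):
    """Seconds between the first suspicious line and the first notification."""
    first_hit = next(ts for ts, msg in log if PATTERN.search(msg))
    return notifications[0][0] - first_hit


if __name__ == "__main__":
    daily = scheduled_report(SAMPLE_LOG, report_time=86400)
    live = realtime_alarms(SAMPLE_LOG)
    print("report delay:", notification_delay(SAMPLE_LOG, daily), "s")
    print("alarm delay:", notification_delay(SAMPLE_LOG, live), "s")
```

The delay between the first suspicious line and the first notification is the measurable difference between the two models, and the throttle shows the trade-off an immediate alarm has to manage.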