log files

Pittigher, Raymond - ES Raymond.Pittigher at itt.com
Fri Jun 17 19:15:14 UTC 2011



On 06/17/2011 02:56 PM, LC Bruzenak wrote:
> On Fri, 2011-06-17 at 14:32 -0400, Pittigher, Raymond - ES wrote:
>  >
>  > I also used the au tools (aureport, aufind, etc.) but just wanting an
>  > average user to view the bad events brings the need of a point and click
>  > interface.
>
> Agreed.
>
>  > The people that now read the audit events for the Windows servers are
>  > spoiled by the cornerbowl tool. I tossed together a little script that
>  > dumps the audit events into an array, then sorts them and dumps them
>  > out but the users want a red background for bad and so on. Before I
>  > went crazy trying to put something together I wanted to see what was
>  > out in the wild. I guess something that dumps the files into MySQL
>  > tables would be the easiest to work with.
>
> Then what would you use for visualization?
> This week I have been thinking about this very thing myself.
> Good to know others are as well.
>
> LCB
>
> --
> LC (Lenny) Bruzenak
> lenny at magitekltd.com
>
The plan would be to rotate the log at midnight Saturday, use the
aureport to read the file and give it some kind of format, dump the data
into a MySQL database, then parse it with PHP on an Apache server with a
Firefox front end. Or something like that.
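
The load-and-flag step of the plan above, as an added example that is not part of the original message: it parses raw audit.log records rather than aureport output, and uses SQLite as a stand-in for MySQL so it runs offline. The table layout, function names and sample records are assumptions constructed for illustration.

```python
import re
import sqlite3

# Constructed sample records in raw audit.log format (not from the thread).
SAMPLE_LOG = """\
type=USER_LOGIN msg=audit(1308337514.101:311): user pid=2211 uid=0 auid=4294967295 msg='acct="root" exe="/usr/sbin/sshd" hostname=? addr=10.0.0.5 terminal=ssh res=failed'
type=SYSCALL msg=audit(1308337520.412:312): arch=c000003e syscall=2 success=no exit=-13 pid=2301 auid=500 uid=500 comm="cat" exe="/bin/cat" key="shadow-read"
type=USER_AUTH msg=audit(1308337533.007:313): user pid=2320 uid=0 auid=500 msg='acct="ray" exe="/usr/sbin/sshd" hostname=? addr=10.0.0.7 terminal=ssh res=success'
not an audit record
"""

# Record header: type, epoch seconds, event serial, then key=value fields.
HEADER = re.compile(r"^type=(\S+) msg=audit\((\d+)\.\d+:(\d+)\): (.*)$")
FIELD = re.compile(r"(\w+)=(\"[^\"]*\"|\S+)")

def parse_record(line):
    """Return one row tuple for an audit record, or None for other lines."""
    m = HEADER.match(line.strip())
    if not m:
        return None
    rtype, epoch, serial, body = m.groups()
    fields = {k: v.strip("\"'") for k, v in FIELD.findall(body)}
    # "Bad" here means a denied syscall or a failed user-space result.
    bad = fields.get("success") == "no" or fields.get("res") == "failed"
    return (int(serial), int(epoch), rtype,
            fields.get("auid"), fields.get("exe"), int(bad))

def load(log_text, db):
    """Insert every parsable record into the events table; return the count."""
    db.execute("CREATE TABLE IF NOT EXISTS events (serial INTEGER, "
               "epoch INTEGER, type TEXT, auid TEXT, exe TEXT, bad INTEGER)")
    rows = [r for r in map(parse_record, log_text.splitlines()) if r]
    # Parameterized insert: log content is attacker-influenced input.
    db.executemany("INSERT INTO events VALUES (?,?,?,?,?,?)", rows)
    return len(rows)

def bad_events(db):
    """Rows a front end would highlight (for example with a red background)."""
    return db.execute("SELECT serial, type, exe FROM events "
                      "WHERE bad = 1 ORDER BY epoch").fetchall()

if __name__ == "__main__":
    conn = sqlite3.connect(":memory:")
    print(load(SAMPLE_LOG, conn), "records loaded")
    for row in bad_events(conn):
        print("BAD", row)
```

Any web page rendering these rows should HTML-escape the field values, since strings such as `exe` and `acct` come from the audited system.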
