On 03/03/11 1:12 AM, Janez Kosmrlj wrote: > Hi folks, > In the company where i work, we are implementing a security standard. > A part of this is a log monitoring and reporting software. There are a > few requirements, that the software must fulfil: > - It must be capable of collecting logs from different devices (Linux > machines, network equipment, ...). > - it must be capable of sending alarms on security events > - it has to generate daily (weekly, monthly) reports > - it's a plus if it is easy configurable > - it has to have a good support or at least a good community if it is > an opensource product Nagios can probably do all of that. I dunno what you want in those daily/weekly/monthly reports. how many times people logged on and stuff? how many noise packets at your network gateways? the key to any of these systems is configuring the agents to collect the data you want, and deciding whats a security event worthy of an alarm. whether its a commercial system or freeware, you'll be spending a lot of time on that.