Projects / Logcheck

Logcheck

Logcheck parses system logs and generates email reports based on anomalies. Anomolies can be defined by users with 'violations' files. It differentiates between 'Active System Attacks', 'Security Violations', and 'Unusual Activity', and is smart enough to remember where in the log it stopped processing to improve efficiency. It can also warn when log files shrink, and does not report errors when they are rotated.

Tags
Licenses
Operating Systems

Recent releases

  •  06 Jul 2006 12:12

    Release Notes: This release includes pacakging and documentation changes. Rulefile updates were done for smartd, sudoedit, dhcp, ipv6, openssh, oidentd, pdns, xinetd, saslauthd, postfix, spamassassin, dkfilter, anacron, dovecot, kdm, nagios, sympa, stunnel, squid, rsync, rsnapshot, proftpd, ntp, Linux kernel, cron, cron-apt, pppd, and squidguard.

    •  30 Apr 2006 07:27

      Release Notes: This release includes packaging updates for Debian, and fixes quoting issues, lockfile issues, and issues related to naming rule-files. This version also includes rulefile updates for Linux kernel, Postfix, Exim4, smartd, ntpd, dhclient, and pop3ad.

      •  19 Feb 2006 16:28

        Release Notes: This release includes readability checks to parts of logcheck that previously would cause it to exit without error. GNU find is now used in place of run-parts, as it accepts a greater range of filename characters. Also included are documentation enhancements and rulefile updates for exim, SSH, the Linux kernel, Hylafax, Postfix, snmpd, dovecot, su, cvs-pserver, Spamassassin, NTP, DHCP, dspam, and cron-apt.

        •  23 Oct 2005 05:34

          Release Notes: The rules were updated for dccproc, bind, nfs, cyrus-imapd, ssh, linux-usb, horde3, imp4, exim4, mon, dovecot, polyaudio, tftpd, proftpd, nagios, popa3d, anvil, spamd, postfix, and hylafax. Some conveniences, sanity checks, and defaults were added. Documentation for installing from source was added.

          •  22 Aug 2005 20:49

            Release Notes: This release includes rule file updates for Postfix, innd, gpsd, Cyrus notifyd, Squid, SSH, the Linux kernel, dkfilter, ovpn-tunnel, exim4, AMANDA, gconfd, mailman, rbldnsd, GDm, courier, pdns, CVS, CUPS, and HORDE3, as well as several updates to the Debian package. Logcheck now includes a Vietnamese translation, and no longer requires a valid hostname to be set. Some documentation has been converted to markdown syntax.

            Screenshot

            Project Spotlight

            OpenStack4j

            A Fluent OpenStack client API for Java.

            Screenshot

            Project Spotlight

            TurnKey TWiki Appliance

            A TWiki appliance that is easy to use and lightweight.