Chris Green | 22 Aug 2007 20:40

Progress....

Jeremy, thanks for the sudo modules.  You had loose enough regexes that it worked for most of my stuff and let me write my own su_mod.py.

I also deal in an environment where most of the syslogds are reporting by name.   In get_smm, returning self.gethost(system) really helped clean up my reports as well.


I noticed that some of the modules have to deal with scanning, and if I have an SSH box that gets the standard hydra brute force, I get quite a large number of reports in the SSHD section.  Has anyone tried to collapse that down?


Thanks,

Chris

--

Chris Green

UAB Data Security, 205-975-0842


_______________________________________________
Epylog mailing list
Epylog <at> linux.duke.edu
https://lists.dulug.duke.edu/mailman/listinfo/epylog
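The "collapse that down" question above is about aggregating a burst of failed SSH logins from one source into a single report line instead of one line per attempt. The following is an added, stand-alone example (not Epylog's code, not Chris's su_mod.py, and not using Epylog's module API) that parses constructed sshd syslog lines, groups "Failed password" events by reporting host and source address, and emits one summary line per source once a burst passes a threshold. The sample log lines, the threshold value and the function names are assumptions made for this illustration.

```python
import re

# Constructed sample syslog lines (not from the original post): a burst of
# failed logins from one source, one success, and one isolated failure.
SAMPLE_LOG = """\
Aug 22 20:31:01 hostA sshd[1201]: Failed password for invalid user admin from 192.0.2.10 port 41022 ssh2
Aug 22 20:31:02 hostA sshd[1203]: Failed password for invalid user test from 192.0.2.10 port 41023 ssh2
Aug 22 20:31:02 hostA sshd[1205]: Failed password for root from 192.0.2.10 port 41024 ssh2
Aug 22 20:31:03 hostA sshd[1207]: Failed password for invalid user oracle from 192.0.2.10 port 41025 ssh2
Aug 22 20:31:05 hostA sshd[1210]: Accepted publickey for chris from 198.51.100.7 port 50122 ssh2
Aug 22 20:32:40 hostB sshd[877]: Failed password for bob from 198.51.100.7 port 50130 ssh2
"""

# Matches the standard OpenSSH "Failed password" line; the optional
# "invalid user " prefix appears when the account does not exist.
FAILED_RE = re.compile(
    r"^(?P<ts>\w{3}\s+\d+ \d\d:\d\d:\d\d) (?P<host>\S+) sshd\[\d+\]: "
    r"Failed password for (?:invalid user )?(?P<user>\S+) from (?P<src>\S+) port \d+"
)


def collapse_failed_logins(text):
    """Group sshd 'Failed password' lines by (reporting host, source address).

    Returns a dict keyed by (host, src) whose values record the attempt count,
    the set of usernames tried, and the first and last timestamps seen.
    """
    groups = {}
    for line in text.splitlines():
        m = FAILED_RE.match(line)
        if not m:
            continue  # successes and unrelated lines are ignored here
        key = (m.group("host"), m.group("src"))
        g = groups.setdefault(
            key,
            {"count": 0, "users": set(), "first": m.group("ts"), "last": m.group("ts")},
        )
        g["count"] += 1
        g["users"].add(m.group("user"))
        g["last"] = m.group("ts")  # lines are assumed to be in time order
    return groups


def render_report(groups, threshold=3):
    """Produce one report line per (host, source).

    Bursts at or above `threshold` attempts are collapsed into a summary with
    the count, time span and number of distinct usernames; smaller counts
    keep the usernames so a single odd failure is still visible.
    """
    lines = []
    for (host, src), g in sorted(groups.items()):
        if g["count"] >= threshold:
            lines.append(
                f"{host}: {g['count']} failed logins from {src} "
                f"({g['first']} - {g['last']}), "
                f"{len(g['users'])} distinct usernames tried"
            )
        else:
            users = ", ".join(sorted(g["users"]))
            lines.append(f"{host}: {g['count']} failed login(s) from {src} for {users}")
    return lines


if __name__ == "__main__":
    for line in render_report(collapse_failed_logins(SAMPLE_LOG)):
        print(line)
```

Keying on both the reporting host and the source address keeps a scan against several SSH boxes from being merged into one line, while the per-source threshold keeps a scan against one box from producing hundreds of lines; tune the threshold to what the environment considers noise.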
