Help - Log event traps
Hey folks I need ur help on this one!
I'm looking for a way to trap (SNMP) event from a File-system IDS (or integrity checker) like tripwire, AIDE or chkrootkit.
by the way I've found the hereby awesome Reference Guide to Creating a Remote Log Server on linuxsecurity.org, but poorly there is no mention of snmp traps.
what OS are you using on the trapping machine?
Use snort. http://www.snort.org
You can read all kinds of info there and if not, do a google search for snort and you find it there.
also check out loganalysis.org it's run by tina bird and occasionally contribution from the man himself, mjr :)