Querying logs

• From: "Greg Mulholland" <greg@xxxxxxxxxxxxxx>
• To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
• Date: Fri, 15 Apr 2005 17:48:46 +1000

Im looking for something that allows me to be alerted when I get a scan
or connection fail/attempt from a particular ip (one I would like to
specify). 

I would like to be able to do it through the alerts stuff but it doesn't
allow it. I have thought of logging to a database and writing a query
that pulls that info and mails me when it happens, but that is somewhere
I will only go if I really need to.. 

I'm eyeing Jim here with the possibility that a script can do it, but im
not sure.. 

Any suggestions..

G

Other related posts:

• » Querying logs
• » Re: Querying logs
• » Re: Querying logs
• » Re: Querying logs
• » Re: Querying logs
• » RE: Querying logs
• » Re: Querying logs

1. Home
2. isalist
3. Archive
4. 04-2005

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---