[COLUG] syslog

[Brian Long]

Hello all,

I need to produce a security report of failed login attempts from
about a dozen active directory domain controllers.  I'm considering
sending all of the events to a syslog server, maybe using snare, and
producing reports from there.

Can anyone recommend a reporting application for syslog that you've
had good experience in the past?  I'd prefer to find something
web-based using perl or php and perhaps some GD.

I'm new to the windows AD thing and trying to do everything I can on
linux.  Is there perhaps some better/easier way than syslog to do
this?

Thanks