[olug] Splunk and log scraping
Aric Aasgaard
aric at omahax.com
Mon Dec 21 12:39:30 UTC 2009
I am not familiar with Splunk.
I would think it would be fairly easy to whip up a PHP/MySQL web GUI to do
this.
I like the CodeIgniter framework.
It is simple to recursively check files in a folder.
You would basically make signatures to look for in the parsing.
There are a lot of example projects that use PHP for log "scraping"; the
one that pops into my head is ACID/BASE for Snort.
http://www.andrew.cmu.edu/user/rdanyliw/snort/snortacid.html
http://base.secureideas.net/
OSSIM is a really nice project to snag code parts from.
http://www.alienvault.com/community.php?section=Home