[SunHELP] Logs and SunScreen 3.1

[Scott Fraser]

Morning Folks,

I am trying to come up with a way to manage a number of SunScreen 3.1
deployments that includes and easy to use (and view) log management
system. Currently, we have to log on to each SunScreen box and
view/export the logs from there. I know that WebTrends has a very nice
(from a management point of view) tool to do this, but I don't really
need something that slick at this time. What I'd like to find is a
script (and yes, I may have to write my own) that searches (say once
every 2 hours) the log file for keywords (attack, alert, etc), exports
those entries (with all the info...timestamp, ip address, etc) to a file
and then I could set up an rsync script via SSH to push the "hot" file
from the SunScreen box to my log server.

Has anyone out there tried to do something like this, or has a better
idea on how to do this?

FYI, management doesn't want to view the logs every day. However they
would like to once in a while take a look at them, so having the info in
a nice management-friendly format would be a serious bonus. Myself, I
don't care what the format is like, so long as it works.

Cheers and thanx in advance to all,
Scott

-- 
+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=
Scott Fraser                        Myra Systems Corp.
sfraser at myra.com                  http://www.myra.com/

voice: 250.381.1335 ext:163            488A Bay Street
fax:   250.381.1304                       Victoria, BC
cell:  250.514.4765                            V8T 5H2
+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=