Samhain | ||
---|---|---|
<<< Previous | Next >>> |
samhain is a data integrity and intrusion alert system that can be used on single hosts as well as for large, UNIX-based networks. samhain offers several features to support and facilitate centralized monitoring.
In particular, samhain can optionally be used as a client/server system with monitoring clients on individual hosts, and a central log server that collects the messages of all clients.
The configuration and database files for each client can be stored centrally and downloaded by clients from the log server. Using conditionals (based on hostname, machine type, OS, and OS release, all with regular expresions) a single configuration file for all hosts on the network can be constructed.
The client (or standalone) part is called samhain, while the server is referred to as yule. Both can run as daemon processes.
<<< Previous | Home | Next >>> |
Samhain | Compiling and installing |