Return to DESCR CVS log | Up to [local] / ports / security / sagan / pkg |
File: [local] / ports / security / sagan / pkg / DESCR (download)
Revision 1.1.1.1 (vendor branch), Sat May 7 09:47:19 2011 UTC (13 years, 2 months ago) by yason
initial import |
Sagan is a multi-threaded, real time system and event log monitoring system, but with a twist. Sagan uses a "Snort" like rule set for detecting bad things happening on your network and/or computer systems. If Sagan detects a "bad thing" happening, that event can be stored to a Snort database (MySQL/PostgreSQL) and Sagan will attempt to correlate the event with your Snort Intrusion Detection/Intrusion Prevention (IDS/IPS) system. Sagan is basically a SIEM (Security Information & Log Management) system.