hello,
some time ago I posted a question about freeware event correlation tools
to several lists and newsgroups, but no-one seemed to know any such
tool.
Since I had to do event correlation on Linux but could not find
any relevant utility, I decided to implement one myself. It is written
in
perl and should also run on other UNIX platforms than Linux. Currently,
it has also been found to be working on Solaris and HP-UX. I have also
received one report that the tool works on Win2000.
The tool accepts input events from stdin, regular file or named pipe,
and uses regular expressions to recognize them. Input events are
correlated according to the rules specified in configuration file.
Output events are produced by executing user specified shell commands.
The package can be downloaded from http://kodu.neti.ee/~risto/sec/
It also contains a tool for integrating sec with OpenView ITO management
server and ITO agent.
For some this message might seem a bit off-topic, since Tivoli NetView
(unlike OpenView NNM and ITO) has a built-in support for event
correlation. However, it could be useful also in Tivoli environments for
correlating events locally at managed nodes.
If you find the tool useful, I would appreciate your feedback!
|