SEC version 2.3.2 - simple event correlation tool


Introduction:

SEC is a simple event correlation tool that reads lines from files, named
pipes, or standard input, and matches the lines with regular expressions, 
Perl subroutines, and other patterns for recognizing input events. 
Events are then correlated according to the rules in configuration files,
producing output events by executing user-specified shell commands, by 
writing messages to pipes or files, etc.


Availability:

This program is distributed under the terms of GNU General Public License, 
and can be downloaded from http://simple-evcorr.sourceforge.net


Release Notes:

SEC has been tested primarily on Linux and Solaris, but since it is written 
in perl and does not use any platform dependent subroutines, it should also
work on other OS platforms.

Since SEC uses perl qr// operator that was introduced in perl 5.005, 
perl 5.005 or higher is required for running SEC. Because SEC is generally 
not tested against outdated perl releases, it is recommended to run SEC 
with at least perl 5.6 (see http://www.perl.org for the latest stable perl 
release). 

SEC also uses perl Getopt, POSIX, Fcntl, IO::Handle, and Sys::Syslog modules, 
but those modules are included in the standard installation of perl.


Files in this package:

COPYING - copy of GNU General Public License
ChangeLog - changes starting from version 1.0
README - this file
convert.pl - program for converting SEC 1.1 configuration files 
             to SEC 2.0 format
itostream.c - example program for reading events from HP OV Operations
              (formerly known as HP OV ITO) management server and agent 
              event stream (see program text for how to compile it on
              management server and agent). This program can be used for
              feeding input events to SEC.
sec.pl - SEC program
sec.pl.man - SEC man page
startup.redhat - sample SEC startup files for RedHat
startup.solaris - sample SEC startup files for Solaris


Author: 

Risto Vaarandi (ristov at users d0t s0urcef0rge d0t net)

Acknowledgements:

This work is supported by SEB Eesti Uhispank.

I wish to thank the following people for supplying software patches and 
documentation fixes: Al Sorrell, James Brown, John P. Rouillard, Jon Frazier,
Mark D. Nagel, Rick Casey, and William Gertz.

