Sagan is a multi-threaded, real time system and event log monitoring system,but with a twist. Sagan uses a“Snort” like rule set for detecting bad thingshappening on your network and/or computer systems. If Sagan detects a “badthing” happening, that event can be stored to a Snort database(MySQL/PostgreSQL) and Sagan will attempt to correlate the event with your Snort Intrusion Detection/Intrusion Prevention (IDS/IPS) system.
订阅我的博客
