SEC (Simple Event Correlator) 2.4.beta1
SEC is a simple event correlation tool that reads lines from files, named pipes, or standard input, and matches the lines with regular expressions, Perl subroutines, and other patterns for recognizing input events. Events are then correlated according to the rules in configuration files, producing output events by executing user-specified shell commands, by writing messages to pipes or files, etc.
This program is distributed under the terms of GNU General Public License, and can be downloaded from http://simple-evcorr.sourceforge.net
SEC has been tested primarily on Linux and Solaris, but since it is written
in perl and does not use any platform dependent subroutines, it should also
work on other OS platforms.
Since SEC employs the perl qr// operator that was introduced in perl 5.005, perl 5.005 or higher is required for running SEC. Because SEC is generally not tested against outdated perl releases, it is recommended to run SEC with at least perl 5.6 (see http://www.perl.org for the latest stable perl release).
SEC also uses perl Getopt, POSIX, Fcntl, IO::Handle, and Sys::Syslog modules, but those modules are included in the standard installation of perl.
COPYING - copy of GNU General Public License
ChangeLog - changes starting from version 1.0
README - this file
convert.pl - program for converting SEC 1.1 configuration files
to SEC 2.0 format
itostream.c - example program for reading events from HP OV Operations
(formerly known as HP OV ITO) management server and agent event stream (see program text for how to compile it on management server and agent). This program can be used for feeding input events to SEC.
sec.pl - SEC program
sec.pl.man - SEC man page
startup.freebsd - sample SEC startup script for FreeBSD startup.redhat - sample SEC startup files for RedHat startup.solaris - sample SEC startup files for Solaris
Risto Vaarandi (ristov at users d0t s0urcef0rge d0t net)
This work is supported by SEB Eesti Uhispank. I wish to thank the following people for supplying software patches and documentation fixes: Al Sorrell, James Brown, John P. Rouillard, Jon Frazier, Mark D. Nagel, Rick Casey, and William Gertz.