A straightforward and freely available event correlator software that is open source and therefore highly customizable.
The SEC configuration is stored as rules in text files, with each rule specifying an event matching condition, an action list, and a Boolean expression. Defining event matching conditions is easy using regular expressions or Perl subroutines. The tool can execute user-specified shell scripts or programs, write messages to pipes or files, and work in different ways to produce output events.
SEC is an excellent choice for users seeking an open source and platform independent event correlation tool. With its ability to accept input from different sources, define event matching conditions, and produce output events in different ways, this tool is a must-have for any organization looking to streamline its workflow.
Version 2.5.2: N/A