SEC is a simple event correlation tool that reads lines from files, named
pipes, or standard input, and matches the lines with regular expressions,
Perl subroutines, and other patterns for recognizing input events.
Events are then correlated according to the rules in configuration files,
producing output events by executing user-specified shell commands, by
writing messages to pipes or files, etc.
This is the SEC configuration directory. Because SEC usage varies so widely
from user to user, this package is configured by default to not run.
The commented-out default settings in /etc/sysconfig/sec will load any file in
this directory with a .sec suffix. Please look through the example files
included in /usr/share/doc/sec-<version>/examples/ and install the ones you
want here (taking into acc
SEC (Simple Event Correlator) 2.6.2
SEC is a tool for accomplishing event correlation tasks in the domains of
log analysis, system monitoring, network and security management, etc.
Event correlation is a procedure where a stream of events is processed,
in order to detect (and act on) certain event groups that occur within
predefined time windows. Unlike most other e