DESCR 877 B

1234567891011121314
  1. SEC is a free and platform independent event correlation tool that was
  2. designed to fill the gap between commercial event correlation systems
  3. and homegrown solutions that usually comprise of a few simple shell
  4. scripts. SEC accepts input from regular files, named pipes, and
  5. standard input, making it suitable to employ with any application that
  6. is able to write its output to a file stream. The SEC configuration is
  7. stored in text files as rules, each rule specifying an event matching
  8. condition, an action list, and optionally a Boolean expression whose
  9. truth value decides whether the rule can be applied at a given moment.
  10. Regular expressions are used for defining event matching conditions, and
  11. output events can be produced by executing user-specified shell scripts
  12. or programs (e.g., snmptrap or mail), by writing messages to pipes or
  13. files, and by various other means.