https://github.com/rsyslog

https://github.com/beave/sagan

http://www.securitywarriorconsulting.com/logtools/

 

https://isc.sans.edu/diary/SAGAN%3A+An+open-source+event+correlation+system+-+Part+1%3A+Installation/9184

http://deca.cuc.edu.cn/Community/msgs/default.aspx?MessageID=23

http://www.softpanorama.org/Admin/Event_correlation/#n2009_1027_tivoli_event_integration_facility_users_guide_rules

http://publib.boulder.ibm.com/tividd/td/tec/GC32-0691-01/en_US/HTML/eifmst.htm

 

https://www.prelude-ids.org/wiki/prelude/InstallingPrelude

 

OSSIM

http://www.admin-magazine.com/Archive/2014/20/Open-Source-Security-Information-and-Event-Management-system

http://lem.demo.solarwinds.com/lem/

http://blog.163.com/qimeizhen8808@126/blog/static/16511951820133282337851/

http://chenguang.blog.51cto.com/350944/d-10