I have to set up some open source log monitoring on a centralized syslog server. A lot of machines (Windows, Linux) and some routers and switches send their logs there.
Many years ago, when I had to do a similar setup, I used logcheck, which is the improved version of logsentry, but I'm sure there are many free alternatives for this out there.
I do not need fancy stuff like storing events in a database or displaying them on some web frontend. All I need is an easy-to-configure solution which regularly goes through all the machines' logs, finds suspicious events in them and sends me an email about them. I need a tool which can be easily configured to ignore all the "noise". I don't want to receive hundreds of emails from this every day.
What I found so far:
logcheck, logtail, logsentry, Swatch, SEC, OSSEC
Thanks
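The workflow the question describes (match "interesting" lines, drop known noise, collapse repeats, send one mail) is essentially what logcheck does with its violations and ignore regex files. The script below is an added illustration of that approach, not code from the original post or from any of the listed tools. The sample syslog lines, the alert and ignore regexes, and the sender/recipient addresses are all constructed for the example; the "port N" / "[]" normalization is one possible choice for collapsing repeats, not a standard.

```python
import re
from collections import Counter
from email.message import EmailMessage

# Constructed sample lines in the format a central syslog server would
# receive (not taken from the original post): Linux sshd/sudo/cron, a
# Cisco-style switch message, and a Windows Security event forwarded by
# a syslog agent.
SAMPLE_LOG = """\
Mar 10 10:01:02 web01 sshd[1234]: Failed password for invalid user admin from 203.0.113.5 port 51234 ssh2
Mar 10 10:01:03 web01 sshd[1234]: Failed password for invalid user admin from 203.0.113.5 port 51240 ssh2
Mar 10 10:01:05 web01 sshd[1240]: Accepted publickey for deploy from 198.51.100.7 port 40000 ssh2
Mar 10 10:02:00 core-sw1 12: %LINK-3-UPDOWN: Interface GigabitEthernet0/1, changed state to down
Mar 10 10:02:10 win-dc1 MSWinEventLog Security 4625 Audit Failure An account failed to log on Account Name: bob Source Network Address: 203.0.113.9
Mar 10 10:03:00 web01 CRON[2000]: pam_unix(cron:session): session opened for user root by (uid=0)
Mar 10 10:03:01 web01 sudo: backup : TTY=unknown ; PWD=/ ; USER=root ; COMMAND=/usr/bin/rsync -a /srv /backup
Mar 10 10:03:05 web01 sudo: alice : TTY=pts/0 ; PWD=/home/alice ; USER=root ; COMMAND=/bin/bash
"""

# Patterns that should be reported (logcheck calls these "violations").
ALERT_PATTERNS = [
    r"sshd\[\d+\]: Failed password for",
    r" sudo: \S+ : .*COMMAND=",
    r"%LINK-3-UPDOWN: .*changed state to down",
    r"MSWinEventLog .*Security 4625 ",
]

# Known noise to suppress even when an alert pattern matches. Anchor these
# tightly (full command, trailing $) so they cannot swallow a genuinely
# suspicious line that merely looks similar.
IGNORE_PATTERNS = [
    r" sudo: backup : TTY=unknown ; PWD=/ ; USER=root ; COMMAND=/usr/bin/rsync -a /srv /backup$",
]

_TIMESTAMP = re.compile(r"^[A-Z][a-z]{2} [ \d]\d \d\d:\d\d:\d\d ")
_PID = re.compile(r"\[\d+\]")
_PORT = re.compile(r"\bport \d+")


def compile_all(patterns):
    return [re.compile(p) for p in patterns]


def is_reportable(line, alerts, ignores):
    """True if the line matches an alert regex and no ignore regex."""
    if not any(r.search(line) for r in alerts):
        return False
    return not any(r.search(line) for r in ignores)


def normalize(line):
    """Strip the fields that vary between repeats of the same event
    (timestamp, PID, source port) so they collapse into one line + count."""
    line = _TIMESTAMP.sub("", line)
    line = _PID.sub("[]", line)
    line = _PORT.sub("port N", line)
    return line


def scan(log_text, alert_patterns=ALERT_PATTERNS, ignore_patterns=IGNORE_PATTERNS):
    """Return [(count, normalized_line)] in first-seen order for reportable lines."""
    alerts = compile_all(alert_patterns)
    ignores = compile_all(ignore_patterns)
    counts = Counter()
    for raw in log_text.splitlines():
        line = raw.rstrip()
        if line and is_reportable(line, alerts, ignores):
            counts[normalize(line)] += 1
    return [(n, key) for key, n in counts.items()]


def build_report(hits, sender="logwatch@example.org", recipient="admin@example.org"):
    """Build a single summary mail per run, or None when there is nothing to say.
    Sending (e.g. via smtplib) is left to the caller so this runs offline."""
    if not hits:
        return None
    msg = EmailMessage()
    msg["From"] = sender
    msg["To"] = recipient
    msg["Subject"] = f"syslog report: {sum(n for n, _ in hits)} events in {len(hits)} groups"
    msg.set_content("\n".join(f"{n:4d}x {line}" for n, line in hits))
    return msg


if __name__ == "__main__":
    report = build_report(scan(SAMPLE_LOG))
    print(report.as_string() if report else "nothing to report")
```

Run against the sample, the two password failures collapse into one line with a count, the cron session and the accepted key never match an alert pattern, the backup job's sudo is dropped by the ignore rule, and the remaining four groups go out in one message. Run from cron with the log slice since the last run (logtail-style offset tracking) and the result is one mail per interval at most, which is the behaviour the question asks for.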