https://github.com/rsyslog
https://github.com/beave/sagan
http://www.securitywarriorconsulting.com/logtools/
https://isc.sans.edu/diary/SAGAN%3A+An+open-source+event+correlation+system+-+Part+1%3A+Installation/9184
http://deca.cuc.edu.cn/Community/msgs/default.aspx?MessageID=23
http://www.softpanorama.org/Admin/Event_correlation/#n2009_1027_tivoli_event_integration_facility_users_guide_rules
http://publib.boulder.ibm.com/tividd/td/tec/GC32-0691-01/en_US/HTML/eifmst.htm
https://www.prelude-ids.org/wiki/prelude/InstallingPrelude
OSSIM
http://www.admin-magazine.com/Archive/2014/20/Open-Source-Security-Information-and-Event-Management-system
http://lem.demo.solarwinds.com/lem/
http://blog.163.com/qimeizhen8808@126/blog/static/16511951820133282337851/
http://chenguang.blog.51cto.com/350944/d-10