Dec 18 * myhost.mydomain * log: Connection from * port
Dec 18 * myhost.mydomain * log: Password authentication for * accepted.
but also for mining frequent event type patterns from preprocessed event logs.
LogHound has been tested on Redhat Linux and Solaris (compiled with gcc), but is likely to compile and work on other platforms as well.
For more information, read the man page. There is also a paper about LogHound (LNCS Vol. 3283, © Springer-Verlag).
Papers about the application of LogHound for log mining and IDS alert classification have been published at NOMS 2008, MILCOM 2009 and CNSM 2010.