Correlating system events can be a challenge, doing it in an automated fashion is no less a challenge. While tools like logcheck and swatch are helpful they do not correlate events, they simply highlight individual log messages as potential events. SEC (simple event correlator) is a powerful and flexible solution for correlating log messages into events and performing certain actions when an event has occurred.