Provides real-time monitoring of symptoms of possible intrusion on the server, and is able to perform user defined actions if any symptoms are discovered. Provides full reporting and logging facilities (to a local or central remote log or database), and is fully configurable, with the ability to write or import new detection rules. .

Though I haven't installed/tested this app yet, I thought I'd add it here for others to check out and perhaps review it before I do.