RE: Enterprise syslog management and alert generation.

This is a topic near and dear to my heart. I've been using SEC for a while now, been very happy with it. If you like Perl and its regular expressions, SEC will do the trick. It has very complex log correlation capabilities and multiple action methods; strongly recommend it, especially if used with syslog-ng.
http://sourceforge.net/projects/simple-evcorr
BTW, the README and instructions on how to set it up and all the options are extremely well-written and thorough; you'll like it.
pj