LASL: A Log Analyzing System for Linux
Abstract: Log files are a record of a computer system's activity and an important data source for intrusion detection and analysis. Log analysis is mainly used to take the appropriate emergency-response measures after an intrusion event, so as to minimize the damage the intrusion causes. LASL combines traditional log analysis techniques with mobile agent technology to implement a host log analysis system for the Linux environment; it is intelligent, automated and distributed.

Abstract (English original): As a data source, log files record the basic contents of intrusion detection systems. The most popular and effective way to perform host-based intrusion detection is to audit log data and take effective measures to decrease the loss. Integrating traditional log analyzing techniques with mobile agents, LASL implements a host-based log analyzing system. Compared with other log analyzing tools, LASL is intelligent, automatic and distributed.
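The abstract describes auditing host log data to detect intrusions and trigger a response. The following is an added illustration of that idea, not code from the LASL paper: it parses a few constructed `sshd` lines in the syslog format used by `/var/log/auth.log`, groups failed logins by source address, and flags a burst of failures followed by a successful login, which is the case an analyst would want to respond to first. The log lines, thresholds and function names are all assumptions made for this example.

```python
import re
from collections import defaultdict
from datetime import datetime

# Constructed sample lines in the classic syslog format of /var/log/auth.log.
# They are made up for this example and do not come from the paper.
SAMPLE_LOG = """\
Mar  3 10:14:01 host1 sshd[2031]: Failed password for invalid user admin from 203.0.113.5 port 51022 ssh2
Mar  3 10:14:03 host1 sshd[2031]: Failed password for invalid user admin from 203.0.113.5 port 51023 ssh2
Mar  3 10:14:05 host1 sshd[2033]: Failed password for root from 203.0.113.5 port 51024 ssh2
Mar  3 10:14:08 host1 sshd[2035]: Failed password for root from 203.0.113.5 port 51025 ssh2
Mar  3 10:14:09 host1 sshd[2036]: Accepted password for root from 203.0.113.5 port 51026 ssh2
Mar  3 10:20:41 host1 sshd[2100]: Failed password for alice from 198.51.100.7 port 40012 ssh2
Mar  3 10:21:02 host1 sshd[2101]: Accepted publickey for alice from 198.51.100.7 port 40013 ssh2
"""

# One regex for the sshd "Failed/Accepted <method> for [invalid user] <user> from <ip>" lines.
LINE_RE = re.compile(
    r"^(?P<ts>\w{3}\s+\d+ \d\d:\d\d:\d\d) (?P<host>\S+) sshd\[\d+\]: "
    r"(?P<result>Failed|Accepted) (?P<method>\w+) for (?:invalid user )?(?P<user>\S+) "
    r"from (?P<ip>[\d.]+) port \d+ ssh2$"
)


def parse(text, year=2024):
    """Turn raw auth log text into event dicts; syslog lines carry no year, so one is assumed."""
    events = []
    for line in text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # lines this parser does not understand are skipped, not guessed at
        ts = datetime.strptime(f"{year} {m['ts']}", "%Y %b %d %H:%M:%S")
        events.append({"ts": ts, "host": m["host"], "result": m["result"],
                       "method": m["method"], "user": m["user"], "ip": m["ip"]})
    return events


def find_bruteforce(events, threshold=3, window_seconds=300):
    """Flag source IPs with >= threshold failed logins inside window_seconds and
    record whether a successful login followed the burst (the case worth paging on)."""
    by_ip = defaultdict(list)
    for e in events:
        by_ip[e["ip"]].append(e)
    findings = []
    for ip, evs in by_ip.items():
        evs.sort(key=lambda e: e["ts"])
        failures = [e for e in evs if e["result"] == "Failed"]
        for i in range(len(failures)):
            # extend the window from failure i as far as the time limit allows
            j = i
            while (j + 1 < len(failures)
                   and (failures[j + 1]["ts"] - failures[i]["ts"]).total_seconds() <= window_seconds):
                j += 1
            count = j - i + 1
            if count >= threshold:
                last_fail = failures[j]["ts"]
                success = next((e for e in evs if e["result"] == "Accepted" and e["ts"] >= last_fail), None)
                findings.append({"ip": ip, "failures": count, "first": failures[i]["ts"],
                                 "success_after": success is not None,
                                 "users": sorted({e["user"] for e in failures[i:j + 1]})})
                break  # one finding per source address is enough for triage
    return findings


if __name__ == "__main__":
    for f in find_bruteforce(parse(SAMPLE_LOG)):
        flag = "SUCCESS AFTER BURST" if f["success_after"] else "failures only"
        print(f"{f['ip']}: {f['failures']} failed logins from {f['first']} "
              f"(users {', '.join(f['users'])}) - {flag}")
```

Run on the constructed lines above, the script reports `203.0.113.5` with four failures across `admin` and `root` followed by a success, while the single failure from `198.51.100.7` stays below the threshold and is not reported.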