Security Basics mailing list archives
RE: log monitoring/analysis/correlation systems
From: "Smith, Maurice" <MSmith () levi com>
Date: Tue, 21 Nov 2006 14:53:08 -0600
Try http://www.loglogic.com/

Best Regards,

Maurice A. Smith CISSP, NSA IAM
Sr. IT Security Manager
Global Information Security
Levi Strauss & Co
Desk 817-262-6501
Mobile 214-577-8808

-----Original Message-----
From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On Behalf Of Emilio Casbas
Sent: Tuesday, November 21, 2006 3:50 AM
To: sami seclist
Cc: security-basics () securityfocus com
Subject: Re: log monitoring/analysis/correlation systems

sami seclist wrote:
Hi list,

A client of ours is looking for a log monitoring solution for its network security infrastructure. Logs are to be collected from routers, firewalls, IDS and antivirus.

The only product I found to be applicable in this situation is Cisco's Security Monitoring Analysis and Response Systems (in fact it does much more than what is needed!). Other products I found: Exaprotect (seems to be the best option), HP OpenView and IBM Tivoli manager (I think they are too heavy for this company and also very expensive).

Does anybody know of other log monitoring systems, and what do you think of the above?

Syslog is not an option, as log files have heterogeneous formats and it is somewhat tricky to obtain a practical usage.

regards
sami.
You could use nagios (http://www.nagios.org/) with the appropriate check_log script, and/or monitoring statistics with mrtg (http://oss.oetiker.ch/mrtg/)

Regards.
Emilio C.

--
Emilio Casbas
University of Navarra

---------------------------------------------------------------------------
This list is sponsored by: Norwich University

EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
The NSA has designated Norwich University a center of Academic Excellence in Information Security. Our program offers unparalleled Infosec management education and the case study affords you unmatched consulting experience. Using interactive e-Learning technology, you can earn this esteemed degree, without disrupting your career or home life.

http://www.msia.norwich.edu/secfocus
---------------------------------------------------------------------------
Current thread:
- log monitoring/analysis/correlation systems sami seclist (Nov 20)
- Re: log monitoring/analysis/correlation systems Emilio Casbas (Nov 21)
- RE: log monitoring/analysis/correlation systems Smith, Maurice (Nov 22)
- Re: log monitoring/analysis/correlation systems Seyhan Tekelioglu (Nov 21)
- Re: log monitoring/analysis/correlation systems Florencio Cano (Nov 21)
- Re: log monitoring/analysis/correlation systems sami seclist (Nov 23)
- RE: log monitoring/analysis/correlation systems Erin Carroll (Nov 21)
- RE: log monitoring/analysis/correlation systems Matt Davis (Nov 21)
- Audit Windows Machine, IRM (Nov 21)
- Re: Audit Windows Machine, Ansgar -59cobalt- Wiechers (Nov 22)
- Re: log monitoring/analysis/correlation systems Jon Hart (Nov 22)
- Re: log monitoring/analysis/correlation systems Kurt Buff (Nov 22)
- <Possible follow-ups>
- Re: log monitoring/analysis/correlation systems q (Nov 21)