RE: Log analysis tool for Cisco HIPS/NIPS.

["Ramki B" <bramkie () gmail com>]

Hi

Thanks, I had read the doc's but MARS cannot do an off-line analysis
and reporting (or is there a way to do this on MARS?...). Iam looking
for a product that can import security device/SW logs and provide an
interface to analyze and generate reports.


Regards
Ramki 

> -----Original Message-----
> From: Alberto Madrid [mailto:alberto.madrid () ngisolution com] 
> Sent: Thursday, January 18, 2007 1:08 AM
> To: 'Ramki B'; security-basics () securityfocus com
> Subject: RE: Log analysis tool for Cisco HIPS/NIPS.
> Importance: High
>
>
> Hi, Ramki:
>
> Please, take a look a Cisco MARS (Cisco Security Monitoring, 
> Analysis and Response System) http://www.cisco.com/go/mars
>
> Regards,
>
> Alberto Madrid
> ipsubnet0 () cantv net
> MCP, CCNA, CQS, CCSP, INFOSEC Professional.
>
>  
>
> -----Mensaje original-----
> De: listbounce () securityfocus com 
> [mailto:listbounce () securityfocus com] En nombre de Ramki B 
> Enviado el: Miércoles, 17 de Enero de 2007 01:28 p.m.
> Para: security-basics () securityfocus com
> Asunto: Log analysis tool for Cisco HIPS/NIPS.
>
> Hi
>
> I am looking for a good tool to analyze the logs created by 
> Cisco NIPS and HIPS (Cisco Security Agent), what tools other 
> than Cisco provided are available with reporting functions.
>
> I have a fair idea on the concepts of log analysis but 
> without a proper tool it's a very laborious and time consuming task.
>
> Any inputs/directions would help.
>
> Thanks
> Ramki
>
> ~~~~~~~~~~~~~~~~~~~~~~~~~~
> Ramakrishnan B
> IM: bramkie () hotmail com
> ~~~~~~~~~~~~~~~~~~~~~~~~~~
> "Be better than the best"
> ~~~~~~~~~~~~~~~~~~~~~~~~~~
>
>
>
> --
> No virus found in this incoming message.
> Checked by AVG Free Edition.
> Version: 7.5.432 / Virus Database: 268.16.13/632 - Release 
> Date: 16/01/2007
> 04:36 p.m.
>