Security Basics mailing list archives
RE: Logging
From: "Bugtraq" <bugtraq () datacash co za>
Date: Mon, 21 Jan 2008 09:50:53 +0200
I'm busy doing a POC of RSA's envision. So far, so good. You can set up a dashboard with alerts, graphs and tables to keep an eye on your systems and users in real-time. It's pretty expensive, but integrates nicely into Active Directory. Initially you have to do quite a lot of work to extract the relevant information from your logs. It collects Windows event logs (without a 3rd party remote agent), it takes syslogs and SNMP traps from many different devices (and automatically id's the remote system type and its function). The out-of-the-box list of supported devices is extensive and is growing quarterly. You can also create your own templates relatively easily. It has hundreds of built-in reports, but most need tweaking to provide you with the relevant information. Overall, a really nice product, I haven't found anything to compete with it yet. I'd be interested to find out if anyone has done comparisons between this and another product in the same space. -Grant -----Original Message----- From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On Behalf Of infolookup () gmail com Sent: 19 January 2008 05:58 PM To: Krzyston, Randy; listbounce () securityfocus com; security-basics () securityfocus com Subject: Re: Logging I am interested in seeing some feed back on this topic, cause I am looking into doing this too. Sent via BlackBerry from T-Mobile -----Original Message----- From: "Krzyston, Randy" <RandyK () gen-probe com> Date: Fri, 18 Jan 2008 10:19:21 To:<security-basics () securityfocus com> Cc:<listbounce () securityfocus com> Subject: Logging We are looking to implement a syslog server. It needs to not only be capable of storing logs ,but also detailed reporting for things such as SOX. I've looked at LogLogic's products. I also heard about Kiwi, but have not experience with it. Any comments? Randy DISCLAIMER: This email and any files transmitted with it are confidential to DataCash Group plc and its group companies. It is intended only for the person to whom it is addressed. If you have received this email in error, please forward it to info () datacash com with the subject line "Received in Error". If you are not the intended recipient you must not use, disclose, copy, print, distribute or rely on this email or any of its transmitted files.
Current thread:
- RE: Honeypot Server, (continued)
- RE: Honeypot Server Brett Kennedy (Jan 17)
- RE: Honeypot Server Timmothy Lester (Jan 17)
- Message not available
- RE: Honeypot Server m.farid.shawara (Jan 18)
- RE: Honeypot Server Timmothy Lester (Jan 18)
- Logging Krzyston, Randy (Jan 18)
- RE: Logging Robert D. Holtz - Lists (Jan 18)
- RE: Logging Scott Williamson (Jan 18)
- RE: Logging Lee Hilt (Jan 18)
- RE: Logging Petter Bruland (Jan 19)
- Re: Logging infolookup (Jan 19)
- RE: Logging Bugtraq (Jan 21)
- Re: Logging securek9 (Jan 21)
- Re: Logging infolookup (Jan 21)
- RE: Honeypot Server m.farid.shawara (Jan 18)
- Re: Honeypot Server Gleb Paharenko (Jan 18)
- Re: Honeypot Server p1g (Jan 21)
- Re: Honeypot Server Emilio Casbas (Jan 21)
- Re: Honeypot Server Brent Huston (Jan 25)
- RE: Honeypot Server Timmothy Lester (Jan 17)