Security Basics mailing list archives

Re: log analyser


From: Abilash Praveen <abilash.praveen () gmail com>
Date: Mon, 1 Jun 2009 21:52:11 +0530

Hi,

For Linux, I'd suggest CSF+LFD or APF. However, these are not just log
analysers, but firewalls that work on top of iptables. If you are
looking only for a log analyser, a custom-written script should do the
job.

I'm not sure about Windows though, sorry.

Regards,
Abilash

On Fri, May 29, 2009 at 4:55 AM, <sec () nd-f com> wrote:

Hi,

Can someone of you recommend a good enterprise log analyser solution? I have to collect, correlate and analyse about 1200 Windows machines and 200 Linux boxes. I want to do this in real-time, trigger actions (like email notification), make sense out of e.g. ten failed login attempts following the one successful etc.

Any hint would be helpful
thanks
andy

------------------------------------------------------------------------
This list is sponsored by: InfoSec Institute

Need to pass the CISSP? InfoSec Institute's CISSP Boot Camp in both Instructor-Led and Online formats is the most 
concentrated exam prep available. Comprehensive course materials and an expert instructor means you pass the exam. 
Gain a laser like insight into what is covered on the exam, with zero fluff!

http://www.infosecinstitute.com/courses/cissp_bootcamp_training.html
------------------------------------------------------------------------
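
One way to write the kind of custom script mentioned in the reply, applied to the correlation rule from the original question (a run of failed logins followed by a successful one). This is an added example, not part of either message; it assumes OpenSSH-style sshd lines in syslog format, and the threshold, time window, host names and addresses are constructed.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# OpenSSH sshd auth result lines as written to syslog (auth.log / secure).
LINE = re.compile(
    r"^(?P<ts>\w{3}\s+\d+ \d\d:\d\d:\d\d) (?P<host>\S+) sshd\[\d+\]: "
    r"(?P<result>Failed|Accepted) \S+ for (?:invalid user )?(?P<user>\S+) "
    r"from (?P<src>\S+) port \d+")
THRESHOLD = 10                   # failures before a success is suspicious
WINDOW = timedelta(minutes=10)   # assumed correlation window

def correlate(lines, year=2009):
    """Alert on >= THRESHOLD failures followed by a success from the
    same source address on the same host, all within WINDOW."""
    failures = defaultdict(deque)   # (host, src) -> failure timestamps
    alerts = []
    for line in lines:
        m = LINE.match(line)
        if not m:
            continue                # not an sshd auth result line
        # Classic syslog timestamps carry no year, so one is supplied.
        ts = datetime.strptime(f"{year} {m['ts']}", "%Y %b %d %H:%M:%S")
        recent = failures[(m["host"], m["src"])]
        while recent and ts - recent[0] > WINDOW:
            recent.popleft()        # expire failures outside the window
        if m["result"] == "Failed":
            recent.append(ts)
            continue
        if len(recent) >= THRESHOLD:
            # This is the point where a notification would be sent.
            alerts.append({"host": m["host"], "src": m["src"],
                           "user": m["user"], "failures": len(recent)})
        recent.clear()              # a success resets the counter
    return alerts

# Constructed sample: 10 failures then a success from 203.0.113.5, and
# 2 failures then a success from 198.51.100.7 (an ordinary mistyped password).
SAMPLE = (
    [f"Jun  1 21:40:{s:02d} web01 sshd[4100]: Failed password for root "
     f"from 203.0.113.5 port 4000 ssh2" for s in range(10)]
    + ["Jun  1 21:40:30 web01 sshd[4100]: Accepted password for root "
       "from 203.0.113.5 port 4000 ssh2"]
    + [f"Jun  1 21:41:0{s} web01 sshd[4200]: Failed password for andy "
       f"from 198.51.100.7 port 5000 ssh2" for s in range(2)]
    + ["Jun  1 21:41:09 web01 sshd[4200]: Accepted password for andy "
       "from 198.51.100.7 port 5000 ssh2"])

if __name__ == "__main__":
    for alert in correlate(SAMPLE):
        print(alert)
```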



