Re: Log analisys and siem

[Nikhil Wagholikar <visitnikhil () gmail com>]

Hi NetExpress,

One of the most popular SIEM/SIM is OSSIM.

OSSIM (Open Source Security Information Management) is a collection of
tools designed to aid network administrators in computer security,
intrusion detection and prevention. The project's goal is to provide a
comprehensive collection of tools to grant an administrator a view of
all the security-related aspects of their system.

More Info: http://en.wikipedia.org/wiki/OSSIM
Official Website: http://www.ossim.net/

Something in-line with OSSIM is 'Prelude'.

Prelude is an "agentless", universal, "Security Information
Management" (SIM) system, released under the GPL license. Prelude
collects, normalizes, sorts, aggregates, correlates and reports all
security-related events independently of the product brand or license
giving rise to such events by normalizing them to a single format
called the "Intrusion Detection Message Exchange Format".

More Info: http://en.wikipedia.org/wiki/Prelude_Hybrid_IDS
Official Website: http://www.prelude-ids.com/en/welcome/index.html

Hope this helps.

---
Nikhil Wagholikar
Practice Lead | Security Assessments & Digital Forensics
Network Intelligence India Pvt. Ltd. [NII Consulting]
Web: http://www.niiconsulting.com/
Comprehensive Information Security Training
http://iisecurity.in/courses/Training Calendar.html

2009/10/19 NetExpress <netexpress () tiscali it>:
> Hi everyone,
>
> I am looking for:
> - a solution of log analysis (for tecnichan)
> - a SIEM (security information and event management) solution for management
> and/or Manager
>
> I collect syslog event on a syslog-ng log server, so I already have a
> colletor of information.
> Based on this base of vents I would like to do realtime log analysis and
> SIEM analysis, better if is gpl based.
> Anyone have experience with some product? and with how many computers?
>
>
>
>
>
> ------------------------------------------------------------------------
> Securing Apache Web Server with thawte Digital Certificate
> In this guide we examine the importance of Apache-SSL and who needs an SSL
> certificate.  We look at how SSL works, how it benefits your company and how
> your customers can tell if a site is secure. You will find out how to test,
> purchase, install and use a thawte Digital Certificate on your Apache web
> server. Throughout, best practices for set-up are highlighted to help you
> ensure efficient ongoing management of your encryption keys and digital
> certificates.
>
> http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
> ------------------------------------------------------------------------

------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate.  We look at how SSL works, how 
it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, 
install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are 
highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.

http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
------------------------------------------------------------------------