Educause Security Discussion mailing list archives

Re: Log management


From: Mark Bauer <mbauer () SKIDMORE EDU>
Date: Thu, 1 Feb 2007 13:43:05 -0500

Kevin,

We are also looking into the same things.

I would appreciate any insight you gain from your RFI.

Thanks

---   Mark


++++++++++++++++++++++++++++++++++

 

Mark Bauer
Network Administrator
Skidmore College
815 North Broadway
Saratoga Springs, New York   12866
Phone:  518-580-5996
e-mail:  mbauer () skidmore edu

________________________________

From: Mclaughlin, Kevin L (mclaugkl) [mailto:mclaugkl () UCMAIL UC EDU] 
Sent: Wednesday, January 31, 2007 8:34 AM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: Re: [SECURITY] Log management

 

Hi Charlie:

If you aren't in a hurry, touch back with me in a month or so and I
should have some good data to share with you. We have an RFI for a
solution out now, and the following is a list of just a few of the
vendors who have stated they are responding:

 

IBM/ISS
CISCO
Secure State
Fusion
CA
HP
Cambia
Tripwire
and a handful of local vendors

 

If anyone else wants a summary of what we find out just let me know and
I'll send it your way.

 

-Kevin

 

 

________________________________

From: Charles L. Bombard [mailto:BombardC () CCV EDU]
Sent: Wed 1/31/2007 8:01 AM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: [SECURITY] Log management

Hey everyone,

        What would you all recommend for central log management? We are
currently looking at GFI eventmanager. The ideal solution will combine
the monitoring of both Windows and Linux logs, and have the ability to
generate alerts based on our settings.

        Recommendations of things to look at as well as things to avoid
are appreciated.

-Charlie

==========================================

Charles Bombard, GSEC
LAN/Systems Administrator
Community College of Vermont
119 Pearl Street
Burlington, VT 05401
802.657.4234
bombardc () ccv edu
