Educause Security Discussion mailing list archives

Re: logging windows text-based files to central logging server

From: "Edgmand, Craig" <craig.edgmand () OKSTATE EDU>
Date: Fri, 27 Jul 2007 10:21:14 -0500

Joel,
     You could use the Snare Agent for Windows, it is free and works
well.

      http://www.intersectalliance.com/projects/SnareWindows/


Craig Edgmand
Security Engineer/Interim HPCC Manager
Oklahoma State University


-----Original Message-----
From: Joel Rosenblatt [mailto:joel () COLUMBIA EDU] 
Sent: Friday, July 27, 2007 10:04 AM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: Re: [SECURITY] logging windows text-based files to central
logging server

Hi,

This looks like it will get the logs in one place .. but what if I want
them to end up on my Unix syslog?

Thanks,
Joel Rosenblatt

Joel Rosenblatt, Manager Network & Computer Security
Columbia Information Security Office (CISO)
Columbia University, 612 W 115th Street, NY, NY 10025 / 212 854 3033
http://www.columbia.edu/~joel


--On Friday, July 27, 2007 10:44 AM -0400 Anthony Maszeroski
<maszeroskia3 () SCRANTON EDU> wrote:

Have you looked at Kiwi Secure Tunnel? :

http://www.kiwisyslog.com/kiwi-secure-tunnel-overview/

Michael Bayne wrote:

We have a number of windows applications logging to text-based log

files

(IIS, apache, app servers, etc).  We'd like to get these logs off of

the

windows servers and onto our central syslog server and CS-MARS device

in

a (near) real-time manner. So far, I haven't been able to find a tool

to

do this reliably.  Intersect Alliance's Epilog Agent for Windows is

the

best I've seen so far, but I've found it prevents log rotation.

So, I'm curious as to what you are doing.  Are you logging these
text-based logs to a central location (syslog or otherwise)?  What

tools

are you using to do so?

Thanks.


--
- Anthony Maszeroski
-----------------------------------
Information Security Manager
The University of Scranton
email : maszeroskia3 () scranton edu
phone : 570-941-4226
-----------------------------------




Joel Rosenblatt, Manager Network & Computer Security
Columbia Information Security Office (CISO)
Columbia University, 612 W 115th Street, NY, NY 10025 / 212 854 3033
http://www.columbia.edu/~joel

Current thread:

logging windows text-based files to central logging server Michael Bayne (Jul 27)
- <Possible follow-ups>
- Re: logging windows text-based files to central logging server Anthony Maszeroski (Jul 27)
- Re: logging windows text-based files to central logging server Deepak J. Mathew (Jul 27)
- Re: logging windows text-based files to central logging server Joel Rosenblatt (Jul 27)
- Re: logging windows text-based files to central logging server Aaron Wade (Jul 27)
- Re: logging windows text-based files to central logging server Edgmand, Craig (Jul 27)
- Re: logging windows text-based files to central logging server Nathan W. Labadie (Jul 27)
- Re: logging windows text-based files to central logging server Michael Bayne (Jul 27)
- Re: logging windows text-based files to central logging server Michael Bayne (Jul 30)
- Re: logging windows text-based files to central logging server Havens, Ben (Jul 30)
- Re: logging windows text-based files to central logging server Michael Bayne (Jul 30)
- Re: logging windows text-based files to central logging server Julian J Thompson (jthmpsn2) (Jul 31)