Educause Security Discussion mailing list archives
Re: Log Management
From: Dexter Caldwell <Dexter.Caldwell () FURMAN EDU>
Date: Fri, 5 Mar 2010 17:07:32 -0500
We use, and I'd recommend you certainly look at, the Nitrosecurity solution for centralized log management. It's very fast, powerful with a lot under the hood for the techies, excellent presentation of information, but is quite easy to deploy. Feel free to contact me off-list if you'd like more details.

Thanks,
Dexter Caldwell
Information Security Administrator
Computing & Information Services
Furman University
3300 Poinsett Hwy
Greenville, SC 29613
email: dexter.caldwell () furman edu
office: 864-294-3566
facsimile: 864-294.3001

The EDUCAUSE Security Constituent Group Listserv <SECURITY () LISTSERV EDUCAUSE EDU> writes:
I am looking to see what other institutions are using to manage their event/system log files. Currently I have Snare installed on our Windows servers and sending the events to a syslog server. That server originally had Prelude IDS installed and I was using Prewikka to view the logs as needed. The problem with Prelude IDS/Prewikka is that accessing the database is painfully slow unless you purchase the database module for fast access.

The other option I tested was Splunk, which I liked, but because it accesses Windows systems using WMI it looked like some of the Windows virtual machines took a performance hit (according to our Technical Director).

Right now, I query the logs on the syslog server using customized Perl scripts whenever an information request is made. We are making some changes to our environment and would like to get something set up that is a little better than using Perl scripts on the CLI.

Stanley M. Hammond
Information Security Specialist
Cape Cod Community College
Email: shammond () capecod edu