Educause Security Discussion mailing list archives

Re: Open Source centralized log management/SIEM solutions


From: Adam Garside <Adam.Garside () CPCC EDU>
Date: Mon, 26 Apr 2010 11:30:25 -0400

On Apr 26, 2010, at 11:02 AM, Youngquist, Jason R. wrote:

> Is anyone using any Open Source or low cost centralized log management/SIEM solution in a production environment which you would recommend?

Jason, we use OSSEC-HIDS. It is primarily a HIDS solution but can take logs via syslog if you don't wish to place agents on your systems. It is very configurable, easy to set up, has a standard correlation configuration, and doesn't require a lot in terms of hardware.

The website is at: www.ossec.net

Warm regards,
Adam

--
Adam Garside <adam.garside () cpcc edu>
Director of Network Services
Information Security Officer
Central Piedmont Community College
