Educause Security Discussion mailing list archives
Re: Open Source centralized log management/SIEM solutions
From: Jason Frisvold <frisvolj () LAFAYETTE EDU>
Date: Mon, 3 May 2010 15:41:19 -0400
On 04/26/2010 02:24 PM, Paul Keser wrote:

> There was also a good write up in Linux Journal a few months ago. I spoke to AlienVault at RSA and it sounds very promising. I am planning to play with it this summer.

I've started to dig into OSSEC a bit. I'm a big user of Osiris (http://osiris.shmoo.com), but unfortunately, Osiris seems to have fallen out of maintenance. It still works, but there hasn't been a new release in some time.

Based on what I'm seeing, it would appear that OSSEC analyzes logs internally and external manipulation (ala Splunk) isn't really supported. Is this where AlienVault fits in? (I'm basically unfamiliar with AlienVault at this point)

While I believe we'll probably use OSSEC for its HIDS capabilities, I am looking for a really good logging solution. We'll likely use rsyslog to forward the syslog data to a central location, but from there I'm still looking for a solution. Any help would be appreciated.

> -PaulK

Thanks,

--
---------------------------
Jason Frisvold
Network Engineer
frisvolj () lafayette edu
---------------------------
"What I cannot create, I do not understand"
- Richard Feynman