nanog mailing list archives

RE: events


From: "Jones, Barry" <BEJones () semprautilities com>
Date: Tue, 4 Oct 2011 08:47:22 -0700

A sub question to this would be - is anyone using an app or client that will forward Windows OS events to said
collector? I've seen LogLogic and others. Was just curious if you've used a small scale version to collect security
events - log on, log off, etc...?

-----Original Message-----
From: Harry Hoffman [mailto:hhoffman () ip-solutions net] 
Sent: Friday, September 30, 2011 6:56 AM
To: nanog () nanog org
Subject: Re: events

It's a bit old but still works well. Russel Fulton and I worked on this when I was down in NZ.

You still need to run syslog-ng but this allows you to ignore, warn, alert on logs via regex.


http://www.ip-solutions.net/syslog-ng/


Cheers,
Harry



On 09/30/2011 09:50 AM, harbor235 wrote:
What is everyone using to collect, alert, and analyze syslog data?
I am looking for something that can generate reports as well as support
multiple vendors. We have done some home grown stuff in the past but
would be interested in something that incorporates all the best features.

SolarWinds, Splunk, fwanalog, and others come to mind, any other good ones
out there?


Mike



