PaulDotCom mailing list archives
your log management tools of choice?
From: andycapp92 at gmail.com (Andrew Anderson)
Date: Fri, 5 Jun 2009 13:16:57 -0600
Thank you all for your thoughts.... I am partial to open source for now. I need to be able to show some value before looking for a budget on this one (other than my time). It sounds like the consensus is pointing to Splunk as a good starting point. I do use Aanval on my IDS boxes and should probably look at it for this... I wanted to get some opinions first though.

On Fri, Jun 5, 2009 at 12:27 PM, scott burkhart <burkhart.scott at gmail.com> wrote:
A previous poster mentioned Cisco Mars, I utilize a Mars device and can highly recommend it. We process over 30 million events (firewall logs, windows event logs, linux logs, router logs) a day and it makes short work of analyzing data. Used Splunk (still actually use splunk installed locally as needed) for a while and it worked great as well.

On Fri, Jun 5, 2009 at 1:06 PM, Michael Douglas <mick at pauldotcom.com> wrote:
If you're not opposed to commercial products, I can highly recommend LogRhythm. It's quite powerful, yet easy to use. Note that with any log analyzer, the setup is a pain.
- Mick

On Fri, Jun 5, 2009 at 1:58 PM, John Lowry <johnlowry at gmail.com> wrote:
I really like using OSSEC on my syslog machine to scan for EOI for me and alert me when stuff happens. I then use Splunk for searching through those events.

Paul Asadoorian wrote:
Splunk was one of those tools that got popular after I left the university. I think we need to do a tech segment on it as it's been highly recommended by many.
Cheers, Paul

Russell Butturini wrote:
Commercial or open source? For commercial we like Cisco's CS-MARS, but that's a big investment. Free tools, Splunk is pretty darn good.

_______________________________________________
Pauldotcom mailing list
Pauldotcom at mail.pauldotcom.com
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
Main Web Site: http://pauldotcom.com
--
Andrew Anderson
andrew at a2-technologies.com, andycapp92 at gmail.com
403.827.3802
403.249.4278