PaulDotCom mailing list archives

Re: Looking for some event and security log monitoring software


From: Josh More <jmore () starmind org>
Date: Tue, 10 Jul 2012 16:08:47 -0500

Look at Security Onion.  http://securityonion.blogspot.com/

It's free, but not Windows.  Use it to get your operations capability
up and running.  (Incident response, analytics, etc.)  Odds are this
will take you at least two years with any system, so by using the free
system where everything is self-contained, you save on two years' worth
of licensing AND after two years, you'll be in a better position to
identify whether or not a Windows-based commercial solution will be
worth what it costs.

-Josh More



On Tue, Jul 10, 2012 at 9:10 AM, Brian Schultz <theconqueror () gmail com> wrote:
So I recently started a new job at a small-ish hospital and was tasked with
setting up something that can audit security logs. It sounds and is pretty
vague, but this is for HIPAA compliance. I'm more of an infrastructure guy
and haven't had a chance to deal with security much and my only exposure is
really through the podcast. I have no idea what products are out there to do
these things. The environment here is about 99.99% Windows. I was taking a
look at SolarWinds Log and Event Manager which looks pretty good so far, but
it also requires an agent to be installed on any machines you want to
monitor which can be a hassle.

Is there anything else that I should be taking a look at? GFI Events Manager
or some open-source solution?

_______________________________________________
Pauldotcom mailing list
Pauldotcom () mail pauldotcom com
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
Main Web Site: http://pauldotcom.com