PaulDotCom mailing list archives

Re: Looking for some event and security log monitoring software


From: Champ Clark III <cclark () quadrantsec com>
Date: Tue, 10 Jul 2012 20:34:29 -0400

On 7/10/12 6:56 PM, anthony kasza wrote:
> I second the Splunk suggestion. You can collect events via WMI -
> no agents necessary.

Sort of a side note,

WMI you have to "probe" for the messages, no? Sort of like an SNMP trap?
Is that correct, because that's what I've been told. Just curious.

Thanks.

-- 
- Champ Clark III (cclark () quadrantsec com)
  Quadrant Information Security (http://quadrantsec.com)
  Key Fingerprint: 2E56 C2EB 1B25 C517 D5BA 2DCF 5E70 B2F8 0381 878A
  GPG Key ID: 0381878A

