PaulDotCom mailing list archives
Re: Looking for some event and security log monitoring software
From: anthony kasza <anthony.kasza () gmail com>
Date: Tue, 10 Jul 2012 19:50:25 -0500
Conceptually similar to SNMP, but not the same. You configure Splunk with a service account. Periodically, Splunk will login to those designated systems and collect WMI information. The service account needs the proper rights and privileges to read WMI on each system. -AK On Tue, Jul 10, 2012 at 7:34 PM, Champ Clark III <cclark () quadrantsec com> wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 7/10/12 6:56 PM, anthony kasza wrote:I second the Splunk suggestion. You can collect events via WMI - no agents necessary.Sort of a side note, WMI you have to "probe" for the messages, no? Sorta of like SNMP trap? Is that correct, because that's what I've been told. Just curious. Thanks. - -- - - Champ Clark III (cclark () quadrantsec com) Quadrant Information Security (http://quadrantsec.com) Key Fingerprint: 2E56 C2EB 1B25 C517 D5BA 2DCF 5E70 B2F8 0381 878A GPG Key ID: 0381878A -----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2.0.17 (Darwin) Comment: GPGTools - http://gpgtools.org Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iQEcBAEBAgAGBQJP/MoVAAoJENnmXt7Lmc3KXi8H/iRx0ovRHPw2WtaQ5cgOirPO xJ+ycLxdo/Z4w86cOnexdQIHJEEfgveB4P2mty/yKQRhzIVftnE6JD1gARPxBwLj evj2+6XeRydkpJBL9XXyX6N1LDkXQWmnAv7LIcerY8QJudjN+DlcjVQAS1+6gduh CKHuTEiFgRwx+l31BqwqkPWNyS+Ota6H9Jbp7M0YZBgM1plxTOeAqwMbGejKFyU1 ju1Nhky5bNc2PC8SkZPi39W4yres4c7ef+aQ05fzwiqGvS/uzYP/PfvQmm96onXm UZcF4EOzgqtofYenOdn+NnAmaMzDyDV45Hu22RFyexRLeI3hApwdHxFghFiY48I= =aiac -----END PGP SIGNATURE----- _______________________________________________ Pauldotcom mailing list Pauldotcom () mail pauldotcom com http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
_______________________________________________ Pauldotcom mailing list Pauldotcom () mail pauldotcom com http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
Current thread:
- Looking for some event and security log monitoring software Brian Schultz (Jul 10)
- Re: Looking for some event and security log monitoring software Josh More (Jul 10)
- Re: Looking for some event and security log monitoring software Bigger Thomas (Jul 10)
- Re: Looking for some event and security log monitoring software anthony kasza (Jul 10)
- Re: Looking for some event and security log monitoring software Champ Clark III (Jul 10)
- Re: Looking for some event and security log monitoring software anthony kasza (Jul 10)
- Re: Looking for some event and security log monitoring software Champ Clark III (Jul 10)
- Re: Looking for some event and security log monitoring software anthony kasza (Jul 10)
- Re: Looking for some event and security log monitoring software Matthew Perry (Jul 10)
- Re: Looking for some event and security log monitoring software Guillaume Ross (Jul 10)
- Re: Looking for some event and security log monitoring software Doug Burks (Jul 11)
- Re: Looking for some event and security log monitoring software anthony kasza (Jul 10)
- Re: Looking for some event and security log monitoring software Bigger Thomas (Jul 10)
- Re: Looking for some event and security log monitoring software Chesmore, Michael [DAS] (Jul 11)
- Re: Looking for some event and security log monitoring software Champ Clark III (Jul 10)
- Re: Looking for some event and security log monitoring software fd (Jul 11)
- Re: Looking for some event and security log monitoring software Chris Tizzano (Jul 17)