PaulDotCom mailing list archives
Re: Looking for some event and security log monitoring software
From: Chris Keladis <ckeladis () gmail com>
Date: Wed, 18 Jul 2012 10:01:18 +1000
On Wed, Jul 18, 2012 at 1:12 AM, Chris Tizzano <CTizzano () bn com> wrote:
> You can look at WinRM to roll up events in a Windows environment with W2K8 servers acting as collectors, then feed this into any SIEM, such as Splunk.
Just to clarify - Splunk itself is more (to use their words) an "operational-intelligence" tool which you can turn into a SIEM either manually, or by some of their free apps or purchase of their Enterprise Security app (and similar security apps they offer).

Splunk is quite cool; its ability to index any "time-series" data (not necessarily just logs) makes it easily extensible and quite unique. Throw in a rich search/analytics language, and you can really go to town.

Its price-point is comparable to other OI/SIEM solutions, but everyone has their own opinion/needs there :)

Depending on the OP's needs, a lot of other vendors mentioned in this thread have some really good stuff as well, including the Open-Source solutions.

Chris.