Security Basics mailing list archives
RE: Security log consolidation
From: "Garbrecht, Frederick" <FGarbrecht () ecogchair org>
Date: Fri, 22 Nov 2002 14:43:59 -0500
I wrote an article about some of the options and our own network implementation of centralized logging: http://rr.sans.org/casestudies/mixed_win.php Hope it helps Fred -----Original Message----- From: netsec novice [mailto:netsec9 () hotmail com] Sent: Wednesday, November 20, 2002 2:57 PM To: security-basics () securityfocus com Subject: Security log consolidation I am looking for a way to consolidate the output from the security event log from about 40+ servers. I know there are several tools out there that convert Event log messages to syslog and you are then able to use a single event log server to monitor activity. Two that I have seen are EventTracker and also Event Reporter from Adiscon. I have also seen Kiwi Syslog and Winsyslog. I'm looking to get advice from those of you out there that have done this and can lend input on what works well and what doesn't. Thanks for your feedback. N _________________________________________________________________ MSN 8 with e-mail virus protection service: 2 months FREE* http://join.msn.com/?page=features/virus
Current thread:
- Security log consolidation netsec novice (Nov 22)
- <Possible follow-ups>
- RE: Security log consolidation Garbrecht, Frederick (Nov 25)