Security Basics mailing list archives
Re: Searching for a product that aggregates logs and can generate alerts
From: Gilles DEMARTY <gilles.demarty () gmail com>
Date: Mon, 5 Dec 2005 19:00:10 +0100
Hi Pranav.

This kind of product is usually called SEM (for security event management). Many software products fall into this category. Among them you have commercial ones (arcsight, netforensics, exaprotect) and (as far as I know) an open source one: OSSIM. You must consider that the prices for SEM systems are a bit high (usually 100+ k$). I don't know about the others, but the exaprotect correlation engine is quite good and the technologies you specified are supported.

Sincerely,
Gilles Demarty

PS: I'm working for exaprotect, so this message may sound a bit biased and commercial.

2005/12/5, Pranav Lal <pranav.lal () gmail com>:
Hi all,

I have been asked to find a product that aggregates logs, that is, router logs, IDS logs and operating system logs, and generates alerts if something is amiss. I have found one such product at http://www.intersectalliance.com/projects/index.html

Does anyone know of any other such product? I believe Cisco has something like this. The objective of the exercise is to reduce the load on the system administrator and to have better alerting. I am trying to find a product that supports SMS alerts.

Pranav