Security Basics mailing list archives

Re: Searching for a product that aggregates logs and can generate alerts

From: vachanta () gmail com
Date: 5 Dec 2005 18:14:11 -0000

Are you looking for a commercial SIMS/ESM/whatever they call it ?

cisco MARS
http://www.cisco.com/en/US/products/ps6241/products_data_sheet0900aecd80272e64.html

ArcSight
http://www.arcsight.com/

Network Intelligence
http://www.network-intelligence.com/

Loglogic
http://loglogic.com/

if you are just looking for a open source
 


Syslog server 

http://freshmeat.net/projects/syslog-ng/
very simple to set up filters in *nix environment. we have had good sucess with it.


open source Agent for windows 

http://ntsyslog.sourceforge.net/

and rest of the hosts and networking gear can syslog to your *nix server

Current thread:

Re: Searching for a product that aggregates logs and can generate alerts vachanta (Dec 05)
- Re: Searching for a product that aggregates logs and can generate alerts Pranav Lal (Dec 06)
- <Possible follow-ups>
- Re: Searching for a product that aggregates logs and can generate alerts Rob Barrett (Dec 06)
  - RE: Searching for a product that aggregates logs and can generate alerts Spyro Malaspinas (Dec 07)