Security Basics mailing list archives

Re: Enterprise Log Management Systems


From: Florian Rommel <frommel () gmail com>
Date: Wed, 25 Apr 2007 22:12:38 +0300

Hi, I am just finishing writing a comparison between LogLogic, Splunk
Professional and Snare Server.
I already wrote a tutorial on how to get Snare and Splunk to work together
and how to use Splunk's search feature.

I have worked with all 3 and I think it really depends on your price tag and
complexity requirements.


LogLogic and Lasso are a good but quite pricey solution; Snare and Snare
Server are less costly but lack some of the nice features found in the other
products (I am extremely fond of Splunk's search and its speed, I have to
say), and the same goes for Splunk.

All 3 can be made to collect data from pretty much any OS out there.


Here is the write-up of Snare and Splunk:
http://blog.2blocksaway.com/2007/04/03/snare-and-splunkfull-logging-for-everyone-logs-manage-them-well-on-ubuntu/#comment-9423

And I will post here when the write-up of all 3 is done, should be tomorrow
or so.


Cheers

//Flosse
http://blog.2blocksaway.com



On 4/25/07 4:56 PM, "Tornado" <itsec_guy () bluebottle com> wrote:

Hi All,

I would like to know which are the best Enterprise log management systems
out there in the market. Both commercial and Open source are fine.
Here are the requirements:

1. Log collection from variety of systems like Windows, Linux, Routers and
firewalls.

2. Analysis of collected logs and correlation.

3. Report generation for the activities for standards like ISO 27001.

4. Email/SMS alerts.

Thanks in advance.

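The first two requirements in the original question (collection from Windows, Linux and firewalls, and correlation across them) are what every product in the thread is selling; the example below shows, in plain Python, what that work consists of. It is an added illustration written for this archive page, not code from either poster or from Splunk, Snare or LogLogic. The three log lines are constructed samples: a BSD-syslog sshd line, an iptables-style kernel line, and a Windows failed-logon event in a simplified Snare-like tab-separated layout (the field positions are an assumption for the example, not the agent's documented format; the year for the syslog lines is assumed, since that format carries none). Each line is normalised into a common event record, then a rule flags any source IP with three or more authentication failures across hosts inside a five-minute window, notes whether the firewall saw the same source, and renders the alert in an SMS-length form that a notifier (not included) would send.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

ASSUMED_YEAR = 2007  # BSD syslog lines carry no year; assumed for the constructed sample

# Constructed sample lines, one per source type discussed in the thread (not real captures).
SAMPLE_LOGS = [
    "Apr 25 22:10:01 web01 sshd[1234]: Failed password for root from 10.0.0.5 port 40122 ssh2",
    "Apr 25 22:10:04 web01 sshd[1234]: Failed password for root from 10.0.0.5 port 40123 ssh2",
    "Apr 25 22:10:03 fw01 kernel: IN=eth0 OUT= SRC=10.0.0.5 DST=10.0.0.20 PROTO=TCP SPT=40122 DPT=22",
    "Apr 25 22:11:30 fw01 kernel: IN=eth0 OUT= SRC=10.0.0.9 DST=10.0.0.20 PROTO=TCP SPT=51000 DPT=443",
    # Windows logon failure (event 529) in a simplified Snare-style tab-separated layout (assumed layout)
    "dc01\tMSWinEventLog\t1\tSecurity\t529\tWed Apr 25 22:10:07 2007\tFailure Audit\t"
    "Logon Failure: Reason: Unknown user name or bad password Source Network Address: 10.0.0.5",
]

SYSLOG_RE = re.compile(
    r"^(?P<ts>\w{3} +\d{1,2} \d{2}:\d{2}:\d{2}) (?P<host>\S+) (?P<prog>[\w/.-]+)(?:\[\d+\])?: (?P<msg>.*)$")
SSH_FAIL_RE = re.compile(r"Failed password for (?:invalid user )?(?P<user>\S+) from (?P<ip>\d+\.\d+\.\d+\.\d+)")
IPT_RE = re.compile(r"SRC=(?P<src>\d+\.\d+\.\d+\.\d+) DST=(?P<dst>\d+\.\d+\.\d+\.\d+).*?DPT=(?P<dpt>\d+)")
WIN_IP_RE = re.compile(r"Source Network Address:\s*(?P<ip>\d+\.\d+\.\d+\.\d+)")
WIN_FAIL_IDS = {"529", "4625"}  # pre-Vista and post-Vista failed-logon event IDs


def parse_line(line):
    """Normalise one raw line into a common event dict; return None for lines the rules do not use."""
    if "\tMSWinEventLog\t" in line:
        fields = line.split("\t")  # host, MSWinEventLog, criticality, log, event id, timestamp, type, message
        host, event_id, ts_text, msg = fields[0], fields[4], fields[5], fields[-1]
        ts = datetime.strptime(ts_text, "%a %b %d %H:%M:%S %Y")
        ip = WIN_IP_RE.search(msg)
        if event_id in WIN_FAIL_IDS and ip:
            return {"ts": ts, "host": host, "src_ip": ip.group("ip"), "kind": "auth_failure", "source": "windows"}
        return None
    m = SYSLOG_RE.match(line)
    if not m:
        return None
    ts = datetime.strptime(f"{ASSUMED_YEAR} {m.group('ts')}", "%Y %b %d %H:%M:%S")
    host, prog, msg = m.group("host"), m.group("prog"), m.group("msg")
    if prog == "sshd":
        s = SSH_FAIL_RE.search(msg)
        if s:
            return {"ts": ts, "host": host, "src_ip": s.group("ip"), "kind": "auth_failure", "source": "linux"}
    if prog == "kernel":
        f = IPT_RE.search(msg)
        if f:
            return {"ts": ts, "host": host, "src_ip": f.group("src"), "kind": "fw_connect",
                    "source": "firewall", "dst_port": int(f.group("dpt"))}
    return None


def correlate(events, threshold=3, window=timedelta(minutes=5)):
    """Flag any source IP with >= threshold auth failures, across all hosts, inside a sliding window.

    A firewall connection from the same IP around the same time is recorded as corroboration.
    """
    by_ip = defaultdict(list)
    for e in events:
        if e["kind"] == "auth_failure":
            by_ip[e["src_ip"]].append(e)
    alerts = []
    for ip, evs in by_ip.items():
        evs.sort(key=lambda e: e["ts"])
        for i, start in enumerate(evs):
            run = [e for e in evs[i:] if e["ts"] - start["ts"] <= window]
            if len(run) < threshold:
                continue
            fw_hits = [e for e in events if e["kind"] == "fw_connect" and e["src_ip"] == ip
                       and start["ts"] - window <= e["ts"] <= run[-1]["ts"] + window]
            alerts.append({
                "src_ip": ip,
                "first_seen": run[0]["ts"],
                "last_seen": run[-1]["ts"],
                "failures": len(run),
                "hosts": sorted({e["host"] for e in run}),
                "sources": sorted({e["source"] for e in run}),
                "fw_corroborated": bool(fw_hits),
            })
            break  # one alert per source IP; later failures in the run are already covered
    return alerts


def format_alert(alert, sms=False):
    """Render an alert as a one-line message; SMS form is truncated to 160 characters."""
    text = (f"{alert['failures']} auth failures from {alert['src_ip']} against "
            f"{','.join(alert['hosts'])} between {alert['first_seen']:%H:%M:%S} and "
            f"{alert['last_seen']:%H:%M:%S}"
            + (", seen at firewall" if alert["fw_corroborated"] else ""))
    return text[:160] if sms else text


def run_demo(lines=SAMPLE_LOGS):
    """Parse the sample lines, correlate, and return the alerts produced."""
    events = [e for e in (parse_line(l) for l in lines) if e]
    return correlate(events)


if __name__ == "__main__":
    for a in run_demo():
        print(format_alert(a, sms=True))
```

The rule is deliberately cross-source: the two sshd failures on their own would not reach the threshold, and neither would the single Windows failure; only after normalisation to a shared schema do the three add up to one alert, which is the property the "correlation" requirement is really asking a product to deliver.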



