Re: SIM Suggestions

["Kurt Buff" <kurt.buff () gmail com>]

Evaluation of that is on ly list of things to do.

On Thu, Jul 31, 2008 at 1:33 PM, Jon Uriona <jurionamendi () yahoo es> wrote:
> What about OSSIM ?? --> www.ossim.net
>
> Not very mature but has an open integration with too many systems (easy
> plugin language...)
>
> Regards,
>
> Jon
>
>
> ----- Mensaje original ----
> De: Kurt Buff <kurt.buff () gmail com>
> Para: Ramki B Ramakrishnan <bramkie () gmail com>
> CC: Vu Anh Tu <fpt-noc () fpt net>; security-basics () securityfocus com
> Enviado: jueves, 31 de julio, 2008 21:22:55
> Asunto: Re: SIM Suggestions
>
> On Wed, Jul 30, 2008 at 8:01 AM, Ramki B Ramakrishnan <bramkie () gmail com>
> wrote:
> > Splunk is good for log analysis and AFIK more economical...
> >
> > http://www.splunk.com/applications
> >
> > Any views on Splunk would add value to this thread.
> >
> > -----
> > Ramki B. Ramakrishnan
> > Security Enthusiast
> > GIAC:GSEC, CvA
>
> Yes, I have a view. I just took a look at their pricing, and there is
> no way on Earth I can afford their pricing. Between my Windows
> servers, my *nix servers and my firewall, I generate easily 2gb of
> logs to my syslog server daily, and I don't log all I'd like to
> gather. But, for a manufacturing company with fewer than 300 people,
> this will never fly.
>
> Insanely overpriced, and no matter how good it is, I'll not be able to use
> it.
>
> Bummer.
>
> Kurt
>
> ________________________________
> Enviado desde Correo Yahoo!
> La bandeja de entrada más inteligente.