Security Basics mailing list archives

RE: log analyser


From: "Todd Neal" <ToddNeal () tnwinc com>
Date: Mon, 1 Jun 2009 13:17:43 -0400

If you are going to pay for something, check this out:

http://www.manageengine.com/products/eventlog/index.html

I started using it after Kiwi started to charge for some of the features
I needed. With the product above you can also dump server event logs
without installing an agent. Easy to sort and preview when you have many
logs.

-----Original Message-----
From: listbounce () securityfocus com [mailto:listbounce () securityfocus com]
On Behalf Of Hindley Nick
Sent: Monday, June 01, 2009 12:05 PM
To: 'sec () nd-f com'; security-basics () securityfocus com
Subject: RE: log analyser

We're using Snare and Kiwi Syslog.

-----Original Message-----
From: listbounce () securityfocus com [mailto:listbounce () securityfocus com]
On Behalf Of sec () nd-f com
Sent: 29 May 2009 00:26
To: security-basics () securityfocus com
Subject: log analyser

Hi,

Can any of you recommend a good enterprise log analyser solution? I
have to collect, correlate and analyse about 1200 Windows machines and
200 Linux boxes. I want to do this in real time, trigger actions (like
email notification), make sense out of e.g. ten failed login attempts
following the one successful etc.

any hint would be helpful
thanks
andy

------------------------------------------------------------------------
This list is sponsored by: InfoSec Institute

Need to pass the CISSP? InfoSec Institute's CISSP Boot Camp in both
Instructor-Led and Online formats is the most concentrated exam prep
available. Comprehensive course materials and an expert instructor means
you pass the exam. Gain a laser like insight into what is covered on the
exam, with zero fluff! 

http://www.infosecinstitute.com/courses/cissp_bootcamp_training.html
------------------------------------------------------------------------

