Re: Oracle Event Notifications

[Paul Keser <pkeser () STANFORD EDU>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Scott-

I am starting to look at Log Consolidation/SIM/SIEM products as well.  I
would love to hear what you learn & compare notes.

This space seems to be maturing nicely.  When we looked at SIMs while I
was at NASA (~6 years ago) we went with NetForensics because at the time
they were the only player that could handle our various data feeds.  It
was such a beast to manage that it would take at least 1 FTE to manage
so it never got used.

They seem to more user friendly now but I haven't tried any yet.

- -PaulK

Paul Keser
Assoc. Information Security Officer
Stanford University
650.724.9051
GPG Fingerprint:  DBA3 E20F CE91 28AA DA1C  4A77 3BD9 C82D 2699 24FB


Scott Sweren wrote:
> We about to embark on a project to automate Oracle event monitoring and
> notifications.  The primary purpose is to be alerted when FERPA and
> other sensitive data is accessed, modified, or changed in an
> unauthorized manner within the database that drives our CRM application,
> PeopleSoft.   We have a list of vendors that can do log consolidation
> and event monitoring as well as have ideas on how to do it ourselves.  I
> am looking to see what others are using and their satisfaction with the
> solution.
>
> Thanks,
>
> Scott
>
> /Scott Sweren
> /Information Security Officer
> University of Delaware
> ssweren () udel edu <mailto:ssweren () udel edu>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iEYEARECAAYFAktHiDIACgkQO9nILSaZJPvU2gCfXoXaWFBA8JU8CJp18KXtjPSp
HHQAn2PkoPCNdgtIPFZubzMRNMl/5KZR
=b3JG
-----END PGP SIGNATURE-----