Educause Security Discussion mailing list archives
Re: SIEM Solutions
From: Shawn Kohrman <skohrman () APU EDU>
Date: Tue, 5 Jun 2012 16:33:50 -0700
Many thanks to all of you who responded! I'll keep you posted as we move forward. Shawn ----- Shawn A. Kohrman, Security Architect Azusa Pacific University Information & Media Technology 901 E. Alosta Ave., PO Box 7000 Azusa, CA 91702-7000 P: 626.815.2054 | F: 626.815.2061 | http://www.apu.edu/ ----- On Tue, Jun 5, 2012 at 8:52 AM, Paul Hanson <paulh () haas berkeley edu> wrote:
We're currently evaluating the community edition of Alienvault since it supports ossec, syslog, arpwatch, p0f, and snort. There are a plethora of other products it supports but those are the big hitters. I've heard the professional version is leaps and bounds above the free version but haven't gotten that far. In terms of alternatives I've heard good things about IBM QRadar (formerly Q1 Labs) Tenable Log Correlation Engine Solarwinds Log & Event Manager (formerly Trigeo) Cheers! Paul -----Original Message----- From: The EDUCAUSE Security Constituent Group Listserv [mailto: SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Shawn Kohrman Sent: Monday, June 04, 2012 2:49 PM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: [SECURITY] SIEM Solutions Hello, I am currently working on a proposal for implementing a central logging system for our various services/devices. I was wondering if I should be looking for a SIEM solution to consolidate event correlation with log management. I'm curious to know what others have done or are planning in this area. Shawn ----- Shawn A. Kohrman, Security Architect Azusa Pacific University Information & Media Technology 901 E. Alosta Ave., PO Box 7000 Azusa, CA 91702-7000 P: 626.815.2054 | F: 626.815.2061 | http://www.apu.edu/ -----
Current thread:
- SIEM Solutions Shawn Kohrman (Jun 04)
- Message not available
- Re: SIEM Solutions Shawn Kohrman (Jun 05)
- Re: SIEM Solutions Matthew Hodgett (Jun 06)
- Re: SIEM Solutions Shawn Kohrman (Jun 12)
- Re: SIEM Solutions Dr. Wole Akpose (Jun 12)
- Re: SIEM Solutions Jeff Howlett (Jun 12)
- Re: SIEM Solutions Debbie Montano (Jun 15)
- Re: SIEM Solutions Shawn Kohrman (Jun 05)
- Message not available