Educause Security Discussion mailing list archives

Re: Centralized Log Management

From: Gary Starling <Gary.Starling () DU EDU>
Date: Fri, 5 Feb 2021 18:41:24 +0000

We are using Exabeam here at the University of Denver and have been pretty happy with it:

https://www.exabeam.com/



Best Regards,



Gary Starling
Interim Vice Chancellor, Information Technology
University of Denver
2100 S High St.
Denver, CO 80208
Office: 303-871-4030




From: The EDUCAUSE Security Community Group Listserv <SECURITY () LISTSERV EDUCAUSE EDU> on behalf of Petrus Williams 
<PWilliams () GETTY EDU>
Reply-To: The EDUCAUSE Security Community Group Listserv <SECURITY () LISTSERV EDUCAUSE EDU>
Date: Friday, February 5, 2021 at 11:27 AM
To: "SECURITY () LISTSERV EDUCAUSE EDU" <SECURITY () LISTSERV EDUCAUSE EDU>
Subject: [EXTERNAL] [SECURITY] Centralized Log Management

CAUTION: Be careful with this message
This email came from outside of the University of Denver. Do not open attachments, click on links, or respond unless 
you expected this message and/or trust the email address: owner-security () LISTSERV EDUCAUSE EDU.

The Getty uses AlienVault for centralized log monitoring/management. These are mostly security event logs from multiple 
infrastructure components ( servers, firewall, switches etc.). The platform is unwieldy and ready to be retired. I'd 
like to move this function to the cloud and have the monitoring tasks outsourced to a vendor. Any recommendations on 
platforms and a cost effective organization that we can outsource this logging and monitoring tasks to would be 
appreciated. Thanks

Petrus Williams
Assistant Director GDI Infrastructure & Operations
J. Paul Getty Trust
Phone: 310-440-6397

**********
Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the 
person who sent the message, copy and paste their email address and forward the email reply. Additional participation 
and subscription information can be found at 
https://www.educause.edu/community<https://urldefense.com/v3/__https:/www.educause.edu/community__;!!NCZxaNi9jForCP_SxBKJCA!AAcvwfJIQbycI_h6y7u6VB-dnKxFTXK6KVSXmyI-QCyoOmX9KsNJz6ZKkG5ja8mz-Kc$>

**********
Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the 
person who sent the message, copy and paste their email address and forward the email reply. Additional participation 
and subscription information can be found at https://www.educause.edu/community

Current thread:

Centralized Log Management Petrus Williams (Feb 05)
- Re: Centralized Log Management Barton, Robert W. (Feb 05)
- <Possible follow-ups>
- Re: Centralized Log Management Gary Starling (Feb 05)