Educause Security Discussion mailing list archives
Re: SIEM questions.
From: Nadim El-Khoury <0000024d485fe2c4-dmarc-request () LISTSERV EDUCAUSE EDU>
Date: Thu, 13 May 2021 19:44:04 -0400
Hi Jonathan,

We use Graylog here at Springfield College. We are using the open-source version, and we are so far happy with it. We started using it a couple of months ago, and so far, we indexed around 103+ GB of data from our Palo Alto firewalls alone. We did not even count the data from the ASA VPN devices and other systems. As a small college with limited funds and resources, we would not be able to afford the other products.

Best,
Nadim El-Khoury
Director of Networks, Systems, Infrastructure, and Information Security Officer
Springfield College
263 Alden Street
Springfield, MA 01109
nel-khoury () springfield edu

On Thu, May 13, 2021 at 4:15 PM Francisco Chavez <fac3 () stmarys-ca edu> wrote:
Hi Kimmitt,

Here at Saint Mary’s we use AlienVault. Like Rich mentioned, the company has had a few bad years but the product and support is much better now. We currently use AlienVault USM Anywhere which is hosted on AWS.

Please feel free to reach out directly if you have any questions!

Sincerely,
Francisco Chavez

--
Francisco Chavez, MBA | Interim CTO
Saint Mary's College of California
IT Services <https://www.stmarys-ca.edu/it-services>
phone: (925) 631-8236
email: fac3 () stmarys-ca edu

On May 13, 2021, at 11:32 AM, Kimmitt, Jonathan <jonathan-kimmitt () UTULSA EDU> wrote:

Reposting from the CIO group email for my CIO:

Happy Thursday,

Smaller institutions with pandemic-minded budgets, do you have a SIEM you’re using that is quality, provides insightful reporting and is either easy to manage OR managed externally? That you would recommend? (I’ll take warnings too!)

We’re looking to make a change within the next 12-18 months and I could use honest feedback on solutions, experience, cost, dedicated headcount support.

Can email me directly:

Thanks much,
-Jonathan

~ Jonathan Kimmitt
CISSP, FIP, CDPSE, CIPP/E, CIPM, CIPT, OTCP, GLEG, GPEN, GSNA, PCIP, CEH
Chief Information Security Officer
Information Technology
The University of Tulsa
918.631.2743

**********
Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the person who sent the message, copy and paste their email address and forward the email reply. Additional participation and subscription information can be found at https://www.educause.edu/community