Full Disclosure mailing list archives

Re: Windows 2003 Logging/Log Analysis Tool


From: "Tom Meier" <sec-alert () gmx net>
Date: Fri, 18 Nov 2005 11:45:35 +0100

I do not have a business relationship with this company! I think AdventNet has 
interesting new security products, and I will share this information with all 
security people.

"ManageEngine EventLog Analyzer 4": it's free for 5 hosts. Windows based (easy 
install), database (MySQL) and web server included.

http://manageengine.adventnet.com/products/eventlog/index.html

Live Demo: http://demo.eventloganalyzer.com/

---------- Product description (from www.adventnet.com) ----------

ManageEngine EventLog Analyzer is a web-based event log management solution 
that collects, analyzes, and reports on event logs from enterprise-wide 
Windows and UNIX systems. An ideal software for meeting regulatory 
compliance needs.

Why use EventLog Analyzer?

This system log monitoring tool can:
    Monitor network-wide critical security events
    Receive instant alerts on critical events on specific servers
    Archive distributed events to a central location
    No client software/agents required

EventLog Analyzer improves security and reduces downtime of critical servers 
on your enterprise network. Features such as instant reports and automated 
archiving help in analyzing and troubleshooting system problems quickly.


----- Original Message ----- 
From: "MadHat" <madhat () unspecific com>
To: <full-disclosure () lists grok org uk>
Sent: Thursday, November 17, 2005 10:19 PM
Subject: Re: [Full-disclosure] Windows 2003 Logging/Log Analysis Tool


On Nov 17, 2005, at 1:25 PM, Castigliola, Angelo wrote:
As MadHat already suggested: for free tools I found that Snare
(http://www.intersectalliance.com/projects/index.html) was the best
however it lacks good notification features such as email or desktop
alerts that inform you there is a problem. You basically need to
monitor Snare's output.

I was meaning to suggest using Snare on a Windows box to report to a
syslog server, then use something like SEC to actually monitor
events. Though the SNARE server is ok, and has some nice features,
it is not flexible enough (last I checked anyway) for what I have
needed in the past. It's all free and works fairly well in my
experience.


--
MadHat (at) Unspecific.com, C²ISSP
E786 7B30 7534 DCC2 94D5  91DE E922 0B21 9DDC 3E98
gpg --keyserver wwwkeys.us.pgp.net --recv-keys 9DDC3E98

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/ 
