Full Disclosure mailing list archives
Re: Windows 2003 Logging/Log Analysis Tool
From: "Tom Meier" <sec-alert () gmx net>
Date: Fri, 18 Nov 2005 11:45:35 +0100
I do not have a business relation with this company!

I think AdventNet has new interesting security products and will share this information with all security people.

"ManageEngine EventLog Analyzer 4": it's free for 5 hosts. Windows based (easy install), database (MySQL) and webserver included.

http://manageengine.adventnet.com/products/eventlog/index.html

Live Demo: http://demo.eventloganalyzer.com/

---------------------------------- Product description (from www.adventnet.com) ----------------------------------------

ManageEngine EventLog Analyzer is a web-based event log management solution that collects, analyzes, and reports on event logs from enterprise-wide Windows and UNIX systems. An ideal software for meeting regulatory compliance needs.

Why use EventLog Analyzer?

This system log monitoring tool can:

- Monitor network-wide critical security events
- Receive instant alerts on critical events on specific servers
- Archive distributed events to a central location
- No client software/agents required

EventLog Analyzer improves security and reduces downtime of critical servers on your enterprise network. Features such as instant reports and automated archiving help in analyzing and troubleshooting system problems quickly.

----- Original Message -----
From: "MadHat" <madhat () unspecific com>
To: <full-disclosure () lists grok org uk>
Sent: Thursday, November 17, 2005 10:19 PM
Subject: Re: [Full-disclosure] Windows 2003 Logging/Log Analysis Tool

On Nov 17, 2005, at 1:25 PM, Castigliola, Angelo wrote:
As MadHat already suggested: for free tools I found that Snare (http://www.intersectalliance.com/projects/index.html) was the best; however, it lacks good notification features such as email or desktop alerts that inform you there is a problem. You basically need to monitor Snare's output.
I was meaning to suggest using snare on a windows box to report to a syslog server, then use something like SEC to actually monitor events. Though the SNARE server is ok, and has some nice features, it is not flexible enough (last I checked anyway) for what I have needed in the past.

It's all free and works fairly well in my experience.

--
MadHat (at) Unspecific.com, C²ISSP
E786 7B30 7534 DCC2 94D5 91DE E922 0B21 9DDC 3E98
gpg --keyserver wwwkeys.us.pgp.net --recv-keys 9DDC3E98

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/