Security "dashboard" applications

[only.samurai at gmail.com (Andrew Ellis)]

Out of curiosity, when was it that you used OSSIM? It's had some
significant changes in the last 6 months.

On Tue, Oct 6, 2009 at 5:42 PM, Robert Miller <arch3angel at gmail.com> wrote:
> I have used OSSIM and I liked it for the most part. ?I did find that
> with the traffic we passed it became overwhelmed and the hard drives
> filed up in under a day (140GB) making it completely unresponsive.
>
> You may want to make sure to partition off things such as your logs so
> if you fill up the partition you can still access and operate the server.
>
> Let me know how it works out for you, I was pulled off the project for
> another of higher priority but should be back on it in a month or so.
>
> *** Personal Note - All answers to this are great as I know many have
> thought this same thing and it is asked often ***
>
> - Robert
>
> Andrew Ellis wrote:
> > You might look into using OSSIM. It's great for aggregating events and
> > viewing them. It's pretty modular so odds are good you'll be able to
> > get what you're looking at plugged into it. It also has jasperserver
> > running within it, which let's you write reports pretty easily from
> > the data you've already got.
> >
> > https://www.alienvault.com/products.php?section=OpenSourceSIM
> >
> > On Tue, Oct 6, 2009 at 2:58 PM, Jason Wood <tadaka at gmail.com> wrote:
> >
> > > Hey all,
> > > I've been asked to try to put together reporting for security related issues
> > > and items. ?I've created a starting place for what I would like to report
> > > on. ?I REALLY don't want to put all this into a spreadsheet and try to
> > > maintain that. ?I'd prefer some kind of dashboard which could pull
> > > information from ticketing systems, scripts, etc to make at least some of
> > > the updates.
> > >
> > > Does anyone know of an open source app like this or could be a decent base
> > > to start with? ?And, rather than set this idea in stone, I'm open to
> > > different ideas if someone has an alternative that they are using.
> > >
> > > Thanks,
> > > Jason
> > >
> > > --
> > >
> > > irc: Tadaka
> > > Twitter: ?Jason_Wood
> > > jwnetworkconsulting.com
> > >
> > > _______________________________________________
> > > Pauldotcom mailing list
> > > Pauldotcom at mail.pauldotcom.com
> > > http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
> > > Main Web Site: http://pauldotcom.com
>
> _______________________________________________
> Pauldotcom mailing list
> Pauldotcom at mail.pauldotcom.com
> http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
> Main Web Site: http://pauldotcom.com



-- 
Andrew Ellis
http://www.samurainet.org/blog