PaulDotCom mailing list archives
Re: Looking for some event and security log monitoring software
From: Ron Gula <rgula () tenable com>
Date: Wed, 11 Jul 2012 13:16:47 +0000
On 7/10/12 10:10 AM, Brian Schultz wrote:

> So I recently started a new job at a small-ish hospital and was tasked with setting up something that can audit security logs. It sounds and is pretty vague, but this is for HIPAA compliance. I'm more of an infrastructure guy and haven't had a chance to deal with security much and my only exposure is really through the podcast. I have no idea what products are out there to do these things. The environment here is about 99.99% Windows. I was taking a look at Solarwinds Log and Event Manager which looks pretty good so far, but it also requires an agent to be installed on any machines you want to monitor which can be a hassle.

Hi there,

Tenable just released version 4 of our Log Correlation Engine. It combines ad hoc log search with advanced correlation. There are 100s of easy-to-use pre-built dashboards for tracking botnets, authentication, IDS events, etc., and all of the correlation is built in and turned on by default so you don't have to configure a bunch.

It has similar WMI and agents to collect system logs, but also parses realtime logs from the Tenable Passive Vulnerability Scanner, so you can get DNS, file sharing, web browsing, SSH and other network events without having to deploy agents or even collect logs.

It's priced extremely competitively to other SIMs and if you are doing any type of security monitoring, having your Nessus scanner(s) managed from the same console as your log analysis tools not only makes your HIPAA reporting easier (since you have vulns & events in one spot), it makes your security monitoring better as well.

Log Correlation Engine URL: http://www.tenable.com/products/tenable-log-correlation-engine
Dashboards: http://blog.tenable.com/sc4dashboards/

Ron Gula
Tenable Network Security