PaulDotCom mailing list archives
Re: Setting up a syslog server
From: John Franklin <franklinj () gmail com>
Date: Mon, 7 Jan 2013 10:09:33 -0500
I am using Snare on a handful of Windows servers, it's easy to set up. I haven't gotten too in depth with it but it happily sends logs all day long to our Solarwinds server. I agree, Splunk is very useful if you have the time to write dashboards and reports. Poring through mountains of raw data is much easier. If you know what you're looking for. I want to work on bringing more automation into it so I can get an overview. Listening intently to this thread so I can learn more.

John.

On Mon, Jan 7, 2013 at 9:43 AM, Albert R. Campa <abcampa () gmail com> wrote:

> That's the easy part, at least for Linux type systems with syslog.conf file. For Windows I hear Snare works good.
>
> On Sun, Jan 6, 2013 at 5:30 PM, Robin Wood <robin () digininja org> wrote:
>
>> On 6 January 2013 21:54, Doug Burks <doug.burks () gmail com> wrote:
>>
>>> Hi Robin,
>>>
>>> One option would be to install Security Onion and enable ELSA. You'll automatically get syslog-ng and a nice web interface to hunt through your logs.
>>
>> I might do that as the server side, just need to figure out how to get various machines to send all their stuff to it.
>>
>> Robin
>>
>>> Thanks,
>>> Doug
>>>
>>> On Sunday, January 6, 2013, Robin Wood wrote:
>>>
>>>> Hi
>>>>
>>>> I'm going to be setting up a syslog server for the first time next week, can anyone recommend any good guides? I know there are quite a few out there but want a good, tested, one.
>>>>
>>>> Robin
>>>
>>> --
>>> Doug Burks
>>> http://securityonion.blogspot.com
_______________________________________________ Pauldotcom mailing list Pauldotcom () mail pauldotcom com http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
Current thread:
- Re: Setting up a syslog server, (continued)
- Re: Setting up a syslog server Carlos Perez (Jan 06)
- Re: Setting up a syslog server Robin Wood (Jan 06)
- Re: Setting up a syslog server Doug Burks (Jan 06)
- Re: Setting up a syslog server Robin Wood (Jan 06)
- Re: Setting up a syslog server Xavier Mertens (Jan 07)
- Re: Setting up a syslog server Ralph Durkee (Jan 07)
- Re: Setting up a syslog server Robin Wood (Jan 07)
- Re: Setting up a syslog server Champ Clark III (Jan 07)
- Re: Setting up a syslog server Tom Handlon (Jan 07)
- Re: Setting up a syslog server Robin Wood (Jan 06)
- Re: Setting up a syslog server Carlos Perez (Jan 06)
- Re: Setting up a syslog server Albert R. Campa (Jan 07)
- Re: Setting up a syslog server John Franklin (Jan 07)
- Re: Setting up a syslog server Robin Wood (Jan 07)