Security Basics
log analyser May 28 2009 11:25PM sec nd-f com (7 replies)
Re: log analyser Jun 11 2009 03:38AM TT-SEC (secfoc tigerteam net) (1 replies)
Re: log analyser Jun 12 2009 03:32PM Richard Thomas (austindad gmail com) (1 replies)
> Hi,
>
> Can someone recommend a good enterprise log analyser solution? I have to collect, correlate and analyse about 1200 Windows machines and 200 Linux boxes. I want to do this in real time, trigger actions (like email notification), make sense out of e.g. ten failed login attempts following the one successful, etc.
I am currently deploying this nice appliance:
http://www.balabit.com/network-security/syslog-ng/log-server-appliance/
which also encrypts and signs logs, very good support, but you might want to configure software yourself. So:
http://www.splunk.com/
http://eiqnetworks.com/products/SecureVue/Data_Collection.shtml
http://www.gfi.com/eventsmanager (very good but no encryption)
Cheers,
--
Giuseppe