[logs] Exchange Logging May 08 2008 11:14PM
Philip Webster (p webster qut edu au) (1 replies)
[logs] Summary: Exchange Logging May 12 2008 01:49AM
Philip Webster (p webster qut edu au) (1 replies)
Most of the replies went to the list, but a brief summary:

Philip Webster wrote on 09/05/2008 09:14 :
> Just wondering how people handle Exchange logs ...

[ snip ]

> So do you centralise your logs? Use message tracking? Or ...? Is
> there third-party (free/open?) software which you use for analysing the
> logs?

Snare Epilog for Windows

Free, open source, can send to a syslog or Snare server.


Commercial, appears to be licensed per volume, provides more
than just log collection.


Commercial, licensed per logging device, provides more than just
log collection.

Splunk and EventTracker look like they're firmly in the SIEM space.

Snare Epilog is more analogous to a syslog daemon for Windows, with
built-in Exchange support. (And it is developed in Australia!)

Thanks to all who replied. I'll try to provide an update when we're up
and running - particularly once we've begun to analyse the logs.



Philip Webster, IT Security Engineer
Queensland University of Technology
LogAnalysis mailing list
LogAnalysis (at) loganalysis (dot) org

RE: [logs] Summary: Exchange Logging May 13 2008 08:21AM
Rainer Gerhards (rgerhards hq adiscon com) (1 replies)
Re: [logs] Summary: Exchange Logging May 16 2008 05:03PM
Daniel Cid (dcid ossec net)


Copyright 2010, SecurityFocus