Thanks for all the quick input folks. I will definitely look into each
solution.
-Ron
-----Original Message-----
From: Kurt Buff [mailto:kurt.buff (at) gmail (dot) com [email concealed]]
Sent: Tuesday, January 29, 2008 12:24 PM
To: Ron Johnson - Adhost
Cc: focus-ms (at) securityfocus (dot) com [email concealed]
Subject: Re: Centralizing Event Viewer Logs
There are several alternatives, but I've settled on the Kiwisoft
syslog server (the free version is fine, but the pay version is cheap
and does some very nice extra things) and the IntersectAlliance Snare
syslog client. The Snare client takes each event entry, formats it to
a single line, then sends it to the syslog server. Install it on each
of your machines for which you are monitoring event logs, and it works
nicely.
On Jan 29, 2008 11:51 AM, Ron Johnson - Adhost <ron (at) adhost (dot) com [email concealed]> wrote:
> Hello List:
>
> I was looking into options that will allow us to centralize Event
Viewer
> Logs in an Active Directory domain - can anyone recommend any software
> for this? It would be great if we could find a piece of software that
> does just this - not a full blown enterprise security solution that
> cost$ and does many other things that we wouldn't use it for
> necessarily.
>
> Thanks!
>
solution.
-Ron
-----Original Message-----
From: Kurt Buff [mailto:kurt.buff (at) gmail (dot) com [email concealed]]
Sent: Tuesday, January 29, 2008 12:24 PM
To: Ron Johnson - Adhost
Cc: focus-ms (at) securityfocus (dot) com [email concealed]
Subject: Re: Centralizing Event Viewer Logs
There are several alternatives, but I've settled on the Kiwisoft
syslog server (the free version is fine, but the pay version is cheap
and does some very nice extra things) and the IntersectAlliance Snare
syslog client. The Snare client takes each event entry, formats it to
a single line, then sends it to the syslog server. Install it on each
of your machines for which you are monitoring event logs, and it works
nicely.
On Jan 29, 2008 11:51 AM, Ron Johnson - Adhost <ron (at) adhost (dot) com [email concealed]> wrote:
> Hello List:
>
> I was looking into options that will allow us to centralize Event
Viewer
> Logs in an Active Directory domain - can anyone recommend any software
> for this? It would be great if we could find a piece of software that
> does just this - not a full blown enterprise security solution that
> cost$ and does many other things that we wouldn't use it for
> necessarily.
>
> Thanks!
>
[ reply ]