look into http://www.graylog2.org/ it's a part of the solution - add elastic etc
On Mon, Aug 12, 2013 at 9:56 PM, Meenoo Shivdasani <[email protected]> wrote: > On Sun, Aug 11, 2013 at 1:12 PM, Corey Quinn <[email protected]> wrote: > >> >> Disclaimer: I love Splunk. I just wish I could *afford* it! > > > I have been trying (unsuccessfully) to get Splunk into various $work > environments for the past ~10 years or so with no success. To date, although > I think Splunk is excellent, I have been unable to convert my belief into > compelling reasons for management to approve expenditures. > > @ current $job, part of that reticence is directly related to the licensing > costs. We log millions of events hourly and the ballpark figures I've been > given by sales reps are higher than senior management will approve since we > already have a SIEM in place. To date, I haven't been successful in taking > the eval version and utilizing it to provide a viable proof of concept. > > Dear Splunk, I wuvs you, but have not yet been able to demonstrate to the > bean counters how much you rock. > > Rgds, > > M > > > > _______________________________________________ > Discuss mailing list > [email protected] > https://lists.lopsa.org/cgi-bin/mailman/listinfo/discuss > This list provided by the League of Professional System Administrators > http://lopsa.org/ > _______________________________________________ Discuss mailing list [email protected] https://lists.lopsa.org/cgi-bin/mailman/listinfo/discuss This list provided by the League of Professional System Administrators http://lopsa.org/
