On Wed, Jan 28, 2009 at 10:27 AM, Kenton Brede <[email protected]> wrote:
> We've got a few Windows boxes that must be PCI compliant. We've got a
> mix of Windows and Linux servers, as well as network devices we'd like
> to track. We're looking at LogRhythm and ArcSite. PCI compliance is
> driving this, but we'd like to have central logging for our other
> devices as well. Given our budget situation I'm not sure LogRhythm
> and ArcSite will work for us. The minimum of what we need is the
> ability to gather logs, log search, event notification and creating
> PCI reports. I'm aware of Splunk, which might work for us, but they
> didn't reply to our RFP. Does anyone know of other lower cost to free
> alternative SEMs?
If you're on a budget, and don't mind DIY, it's hard to beat free:
http://www.occam.com/sa/
Using something like syslog-ng and SEC won't give you packaged audit
reports, but it can probably satisfy your requirements if you put a
little elbow grease into it.
--------------------------------------------------------------------
Leon Towns-von Stauber http://www.occam.com/leonvs/
"We have not come to save you, but you will not die in vain!"
_______________________________________________
Discuss mailing list
[email protected]
http://lopsa.org/cgi-bin/mailman/listinfo/discuss
This list provided by the League of Professional System Administrators
http://lopsa.org/
