Has anyone tried Juniper's STRM set of products? I had a pitch by them the other day touting their use of a proprietary database called Ariel (yeah... under the sea. I know) which solves not only your alerting, reporting and forensics issues but also world hunger and peace in the Middle East.
After having used MySQL back ends before, I'm a little less than thrilled by products that incorporate that as a repository for XXX log items per second.

Dan

On Wed, Apr 8, 2009 at 10:02 PM, airwolf airwolf <[email protected]> wrote:

> I would recommend looking at: Splunk and Snare. Both tools combined give
> you great flexibility, not audit nirvana but close.
>
> On Tue, Apr 7, 2009 at 8:55 PM, Jim Manley <[email protected]> wrote:
>
>> I'm looking for a security event management tool (log correlation,
>> auditing, etc.) that would be suitable for small/medium size business
>> environment. The environments in which it would be deployed are
>> primarily MS Windows with a smattering of Linux.
>>
>> It doesn't need a lot of bells and whistles and it needs to be fairly
>> easy to set up and operate (the people doing the work are primarily
>> physical security types with the average user's knowledge). Ideally it
>> needs to trigger on Windows event manager and security manager codes for
>> things like failed logins, etc.
>>
>

--
Dan McGinn-Combs, Security+, GSEC, CISSP, CISA
[email protected]
Grand Central: +1 404 492 7532
Peachtree City, Georgia USA
_______________________________________________
Pauldotcom mailing list
[email protected]
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
Main Web Site: http://pauldotcom.com
