I really like using OSSEC on my syslog machine to scan for EOI for me and alert me when stuff happens. I then use Splunk for searching through those events.

Paul Asadoorian wrote:
> Splunk was one of those tools that got popular after I left the
> university. I think we need to do a tech segment on it as it's been
> highly recommended by many.
>
> Cheers,
> Paul
>
> Russell Butturini wrote:
>> Commercial or open source? For commercial we like Cisco’s CS-MARS, but
>> that’s a big investment. Free tools, Splunk is pretty darn good.
