If you're not opposed to commercial products, I can highly recommend LogRhythm. It's quite powerful, yet easy to use. Note that with any log analyzer, the setup is a pain.
- Mick

On Fri, Jun 5, 2009 at 1:58 PM, John Lowry <[email protected]> wrote:
> I really like using OSSEC on my syslog machine to scan for EOI for me and
> alert me when stuff happens. I then use Splunk for searching through
> those events.
>
> Paul Asadoorian wrote:
>> Splunk was one of those tools that got popular after I left the
>> university. I think we need to do a tech segment on it as it's been
>> highly recommended by many.
>>
>> Cheers,
>> Paul
>>
>> Russell Butturini wrote:
>>> Commercial or open source? For commercial we like Cisco’s CS-MARS, but
>>> that’s a big investment. Free tools, Splunk is pretty darn good.
> _______________________________________________
> Pauldotcom mailing list
> [email protected]
> http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
> Main Web Site: http://pauldotcom.com
