I use a combination of syslogs for ACLs and Wireless Controllers and Vendor Apps (Procurve Manager and Cisco for switch log mgmt). MRTG (or PRTG - its paid version) for router performance.
Sysadmins have been using GFI LANGuard for MS event logs. I have not been terribly impressed with it.

Ironically I was just looking at Splunk earlier this week. Interested in what platform everyone is running it on. I have an available Red Hat system with some serious hardware behind it and plenty of VMs.

Paul, I would love to see a tech segment on it.

Tenable is also doing a webcast on Sec Manager this coming Wednesday for those who are interested
https://www1.gotomeeting.com/register/527457881

On Fri, Jun 5, 2009 at 4:16 PM, Chris Merkel <[email protected]> wrote:

> Still doing the PoC on it, but check out Q1 Labs QRadar Slim FE - It's
> their full blown log management system, just limited to 500 events per
> second.
>
> On Fri, Jun 5, 2009 at 10:19 AM, Andrew Anderson<[email protected]>
> wrote:
> > Just trying to wade through the choices...
> >
> > Looking for recommendations for syslog parsing and management tools.
> > (post gathering).
> >
> > _______________________________________________
> > Pauldotcom mailing list
> > [email protected]
> > http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
> > Main Web Site: http://pauldotcom.com
>
> --
> - Chris Merkel
