Security Basics mailing list archives
RE: syslog
From: "R. Maheswaran" <MaheswaranR () catsglobal co in>
Date: Sat, 25 Sep 2004 01:30:09 +0530
For the same kind of environment, I am using Computer Associates eTrust Audit integrated with Security command center for an easy event management and consolidation of logs + administration of all the Security infrastructure from one web based console.

eTrust Audit addresses these requirements with a superior audit collection mechanism that can marshal a wide range of audit trail data from a diverse set of systems, applications and appliances. In addition, eTrust Audit lets you create and manage a centralized policy regarding the retention of this valuable information and also provides the following:

* Consolidated views of the audit information collected
* Versatile reporting
* Highly customizable support for creating policies that can be used to initiate alert or other actions in response to events
* Integration with Unicenter® Event Management
* Integration with the eTrust(tm) Security Command Center

Monitor Your Enterprise With Our Leading Auditing Tool

With eTrust Audit, you can collect security event data from a wide range of sources throughout your enterprise, such as the following:

* UNIX servers
* Windows NT servers
* Windows 2000 servers
* Web servers
* eTrust open systems products
* eTrust mainframe security products such as eTrust(tm) CA-ACF2® Security and eTrust(tm) CA-Top Secret® Security
* IBM mainframe security products such as RACF
* And other sources as well

Plus, eTrust Audit stores this information in a central database for easy access and reporting. Administrators use eTrust Audit to monitor, respond to alerts, and create reports for historical and forensic analysis. Most importantly, administrators can collect the audit information created by the diverse set of security tools in the enterprise, so that they can reference a single source to support the important tasks of security analysis (sometimes referred to as analytics) required to effectively monitor and manage security in the enterprise.
Mahesh

-----Original Message-----
From: Anich, Ryan L
To: 'Tran, Nhon'; security-basics () securityfocus com
Sent: 9/24/2004 6:50 PM
Subject: RE: syslog

I am not sure how in depth you are planning to go with your strategy, but this is what I am looking at for a solution for my company.

http://www.arcsight.com/

-----Original Message-----
From: Tran, Nhon [mailto:Nhon.Tran () logicacmg com]
Sent: Monday, September 20, 2004 2:36 AM
To: security-basics () securityfocus com
Subject: syslog

Hi all

One of the companies I support wants to implement a syslog strategy for all their infrastructure devices.. Unix boxes, windows server, cisco comms devices. To hopefully capture all the logs, we're talking about lots of logs, their domain servers log about 300K items a day!.. Unix boxes log heaps too about 70K per day per server!.. They have around 80 unix servers, 120 windows servers and about 150 comms devices..

Any idea what the best way to go about this would be, also any suggestions of what log analysis software to use?

Nhon

This e-mail and any attachment is for authorised use by the intended recipient(s) only. It may contain proprietary material, confidential information and/or be subject to legal privilege. It should not be copied, disclosed to, retained or used by, any other party. If you are not an intended recipient then please promptly delete this e-mail and any attachment and all copies and inform the sender. Thank you.

---------------------------------------------------------------------------
Computer Forensics Training at the InfoSec Institute. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors. Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse so that it never happens again.
http://www.infosecinstitute.com/courses/computer_forensics_training.html
----------------------------------------------------------------------------
Current thread:
- syslog Tran, Nhon (Sep 23)
- <Possible follow-ups>
- RE: syslog Anich, Ryan L (Sep 24)
- Re: syslog Thomas Harris (Sep 27)
- Re: syslog Ramon Kagan (Sep 30)
- Re: syslog Thomas Harris (Sep 27)
- RE: syslog Michael Shirk (Sep 25)
- RE: syslog R. Maheswaran (Sep 27)
- RE: syslog Clarke, Tyronne (Contractor) (Sep 28)