Security Basics mailing list archives
RE: FW/IPS log correlation software
From: Wong Yu Liang <wong.yuliang () vads com>
Date: Fri, 4 Apr 2008 09:37:39 +0800
Try http://www.ossim.net/ -----Original Message----- From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On Behalf Of Raimar Melchior Sent: Thursday, April 03, 2008 9:39 PM To: security-basics () securityfocus com Subject: FW/IPS log correlation software Hello list, we want a central log station where logs from firewalls, ips and other security devices are sent to. All of our components support the syslog protocol. The challange is to filter and correlate this huge amount of logs. We also want to create filtering and reports (graphical). The server should have a graphical frontend (gui). We tried the kiwi syslog server but it doesn't meet our requirements. Any good enterprise software out there ? Any suggestions would be very appreciated. Many Thanks, Raimar Security Consultant CROCODIAL IT Security GmbH Niederlassung Köln Von-der-Wettern-Str. 25 51149 Köln office: +492203-69923-16 mobile: +49170-2265680 eMail: rm () crocodial de http://www.crocodial.de/ Sitz der Gesellschaft: Hamburg Eingetragen: Amtsgericht Hamburg Nr. HRB 83456 Geschäftsführung: Wolfgang Dierke, Helmut Hansen, Lutz Klöber ---------------------------------------------------------------------- CROCODIAL SecurityDays 2008: ---------------------------------------------------------------------- Berlin: 16.04.2008 Hamburg: 22.02.2008 26.09.2008 05.09.2008 Bremen: 04.04.2008 Hannover: 18.04.2008 12.09.2008 19.09.2008 Dortmund: 23.10.2008 Köln: 05.06.2008 Düsseldorf: 10.04.2008 No virus found in this incoming message. Checked by AVG. Version: 7.5.519 / Virus Database: 269.22.5/1356 - Release Date: 4/2/2008 4:14 PM No virus found in this outgoing message. Checked by AVG. Version: 7.5.519 / Virus Database: 269.22.5/1356 - Release Date: 4/2/2008 4:14 PM DISCLAIMER This message may contain confidential and privileged information for its intended recipient(s) only. If you are not an intended recipient, you are hereby notified that any review, dissemination and distribution, printing or copying of this message or any part thereof is strictly prohibited. Please delete the entire message and inform the sender of the error. Any opinions, conclusions and other information in this message that are unrelated to the official business of VADS Berhad are those of the individual sender and shall be understood as neither explicitly given nor endorsed by VADS Berhad. VADS Berhad does not authorise any of its employees to make any defamatory or seditious statements which is contrary to the laws of Malaysia. Any such communications by such employees are outside their scope of employment and VADS Berhad shall not be liable for such communications.
Current thread:
- FW/IPS log correlation software Raimar Melchior (Apr 03)
- RE: (SCL: 1) FW/IPS log correlation software David Prince (Apr 03)
- RE: FW/IPS log correlation software Brandon Louder (Apr 03)
- Re: FW/IPS log correlation software Jay (Apr 04)
- RE: FW/IPS log correlation software Wong Yu Liang (Apr 04)
- Re: FW/IPS log correlation software Udo Sprotte (Apr 04)
- Re: FW/IPS log correlation software bart knippenberg (Apr 04)
- RE: FW/IPS log correlation software Alfredo Cedeño (Apr 04)
- Re: FW/IPS log correlation software Albert Gonzalez (Apr 13)
- RE: FW/IPS log correlation software Nathan Sherlock (Apr 15)
- RE: FW/IPS log correlation software Loupe, Jeffrey J (Apr 04)
- Re: FW/IPS log correlation software TT-SEC (Apr 04)
- RE: FW/IPS log correlation software Kevin Ortloff (Apr 04)
- <Possible follow-ups>
- Re: FW/IPS log correlation software mgk . mailing (Apr 04)
- Re: FW/IPS log correlation software Gleb Paharenko (Apr 07)
(Thread continues...)