Educause Security Discussion mailing list archives
Network flow log consolidation
From: Kim Cary <Kim.Cary () PEPPERDINE EDU>
Date: Wed, 26 Apr 2006 07:26:53 -0700
We're using nfacctd (packaged with pmacctd) with flowtools to collect/parse/consolidate our netflow logs. It was a two-day learning curve for someone with Unix SysAdmin, SQL & TCP/IP experience to set up.
Kim Cary, Ed.D.
Infrastructure Security Administrator

On Apr 25, 2006, at 9:00 PM, SECURITY automatic digest system wrote:
Tangential to the discussion of syslog parsing, are any others on the list evaluating or implementing products to consolidate network flow logs? This would be a precursor to trend analysis and perhaps some security event correlation processes.