Re: logging windows text-based files to central logging server

[Michael Bayne <baynema () JMU EDU>]

We're sending everything to a central syslog-ng server, and the
syslog-ng server forwards select logs to other systems such as the Cisco
CS-MARS box, a test splunk box, and a couple of other legacy syslog
servers looking for specific traffic.

Deepak J. Mathew wrote:
> This doesn't answer your question, but what central logging tool are you
> using?  Thanks!
>
> Dee
>
>
> Deepak J. Mathew
>
> Systems Manager - Administrative Systems
>
> Rice University
>
>
>
> (t) 713-348-4328
>
>
> -----Original Message-----
> From: Michael Bayne [mailto:baynema () JMU EDU]
> Sent: Friday, July 27, 2007 9:33 AM
> To: SECURITY () LISTSERV EDUCAUSE EDU
> Subject: [SECURITY] logging windows text-based files to central logging
> server
>
> We have a number of windows applications logging to text-based log files
> (IIS, apache, app servers, etc).  We'd like to get these logs off of the
> windows servers and onto our central syslog server and CS-MARS device in
> a (near) real-time manner. So far, I haven't been able to find a tool to
> do this reliably.  Intersect Alliance's Epilog Agent for Windows is the
> best I've seen so far, but I've found it prevents log rotation.
>
> So, I'm curious as to what you are doing.  Are you logging these
> text-based logs to a central location (syslog or otherwise)?  What tools
> are you using to do so?
>
> Thanks.

--

Mike Bayne
Security Engineer
baynema () jmu edu
1.540.568.1684

Attachment: smime.p7s
Description: S/MIME Cryptographic Signature