SMB Security Event Management Tool

[airwolf.security at gmail.com (airwolf airwolf)]

I would recommend at looking at: Splunk and Snare. Both tools combined give
you great flexibility, not audit nirvana but close.

On Tue, Apr 7, 2009 at 8:55 PM, Jim Manley <jmanley at aledobb.com> wrote:

> I'm looking for a security event management tool (log correlation,
> auditing, etc.) that would be suitable for small/medium size business
> environment.  The environments in which it would be deployed into are
> primarily MS Windows with a smattering of Linux.
>
> It doesn't need a lot of bells and whistles and it needs to be fairly
> easy to set up and operate (the people doing the work are primarily
> physical security types with the average user's knowledge).  Ideally it
> needs to trigger on Windows event manager and security manager codes for
> things like failed logins, etc.
>
> Thanks,
>
> Jim
> aka oaa PDP/11
> _______________________________________________
> Pauldotcom mailing list
> Pauldotcom at mail.pauldotcom.com
> http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
> Main Web Site: http://pauldotcom.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mail.pauldotcom.com/pipermail/pauldotcom/attachments/20090408/6c0bfbb9/attachment.htm