PaulDotCom mailing list archives
Re: Logrhythm & Splunk
From: "Champ Clark III [Softwink]" <champ () softwink com>
Date: Wed, 18 Aug 2010 10:27:12 -0400
On Wed, Aug 18, 2010 at 10:29:22AM +0300, Ali Alhebshi wrote:
If you work for a large organization, I wouldn't recommend splunk. Though it's not bad to meet regulatory "log management" related requirements. If your main goal is security, you better consider a SIM. It's a hassle to fine-tune Splunk to meet your security requirements. Don't think of modules, most of them are in beta and don't work as they say (EVEN COMMERCIAL).
You might want to consider checking this out. It's a project that I've been working on for a while. It's consider "beta", but the current SVN is pretty dang stable and we're working on it quite a bit. Anyways, here's the skinny ... http://sagan.softwink.com -- Champ Clark III | Softwink, Inc | 800-538-9357 x 101 http://www.softwink.com GPG Key ID: 58A2A58F Key fingerprint = 7734 2A1C 007D 581E BDF7 6AD5 0F1F 655F 58A2 A58F If it wasn't for C, we'd be using BASI, PASAL and OBOL.
Attachment:
_bin
Description:
_______________________________________________ Pauldotcom mailing list Pauldotcom () mail pauldotcom com http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
Current thread:
- Logrhythm & Splunk Michael Allen (Aug 14)
- Re: Logrhythm & Splunk John Lowry (Aug 17)
- Re: Logrhythm & Splunk Ali Alhebshi (Aug 18)
- Re: Logrhythm & Splunk Champ Clark III [Softwink] (Aug 20)
- Re: Logrhythm & Splunk Chris Keladis (Aug 21)
- Re: Logrhythm & Splunk Ali Alhebshi (Aug 18)
- Re: Logrhythm & Splunk Michael Allen (Aug 21)
- Re: Logrhythm & Splunk Michael Dickey (Aug 21)
- Re: Logrhythm & Splunk John Lowry (Aug 17)