[145234] in North American Network Operators' Group

Re: events

daemon@ATHENA.MIT.EDU (Kevin Kadow)
Sat Oct 1 00:40:52 2011

In-Reply-To: <-3411316358946087267@unknownmsgid>
Date: Sat, 1 Oct 2011 00:39:49 -0400
From: Kevin Kadow <kkadow@gmail.com>
To: NANOG <nanog@nanog.org>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org

On Fri, Sep 30, 2011 at 2:44 PM, Ukpong Ukpong <ukpong.ukpong@gmail.com> wrote:
> Have you tried qradar? It's rather good

I've used Splunk and QRadar; both are available as free VMware
appliances with limitations on log volume, sufficient for testing.  Or
if you're mostly looking at webserver/proxy/firewall logs, Sawmill is
worth checking out.

I've also been looking into using Lancope's replicator to take in
syslog UDP and send copies to multiple loggers, since some appliances
only support a single syslog destination.

Kevin

