[145324] in North American Network Operators' Group
RE: events
daemon@ATHENA.MIT.EDU (Jones, Barry)
Tue Oct 4 11:48:31 2011
From: "Jones, Barry" <BEJones@semprautilities.com>
To: "nanog@nanog.org" <nanog@nanog.org>
Date: Tue, 4 Oct 2011 08:47:22 -0700
In-Reply-To: <4E85CA71.6030003@ip-solutions.net>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
A sub question to this would be - is anyone using an app or client that will
forward Windows OS events to said collector? I've seen Loglogic and others.
Was just curious if you've used a small scale version to collect security
events - log on, log off, etc...?
-----Original Message-----
From: Harry Hoffman [mailto:hhoffman@ip-solutions.net]
Sent: Friday, September 30, 2011 6:56 AM
To: nanog@nanog.org
Subject: Re: events
It's a bit old but still works well. Russel Fulton and I worked on this when
I was down in NZ.
You still need to run syslog-ng but this allows you to ignore, warn, alert
on logs via regex.
http://www.ip-solutions.net/syslog-ng/
Cheers,
Harry
On 09/30/2011 09:50 AM, harbor235 wrote:
> What is everyone using to collect, alert, and analyze syslog data?
> I am looking for something that can generate reports as well as support
> multiple vendors. We have done some home grown stuff in the past but
> would be interested in something that incorporates all the best features.
>
> Solarwinds, splunk, fwanalog, and others come to mind, any other good ones
> out there?
>
>
> Mike
>