[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

events

Subject: events
From: kkadow at gmail.com (Kevin Kadow)
Date: Sat, 1 Oct 2011 00:39:49 -0400
In-reply-to: <-3411316358946087267@unknownmsgid>
References: <CAB_zYdJ6au02ofnsVFOw7Zi2hLV+_z4_-uKrkxkCizzsrGq=Xw@mail.gmail.com> <CAMvhC_44gr4rS026fLDYZ1=KZHCs83gG-LQ6PTR-M44U5HamHQ@mail.gmail.com> <[email protected]> <CAHDg04sNcKMBf8+sxw3ZRVkhRFwKQU8vLvLTSJxXY+THL2wGBA@mail.gmail.com> <[email protected]> <[email protected]> <-3411316358946087267@unknownmsgid>

On Fri, Sep 30, 2011 at 2:44 PM, Ukpong Ukpong <ukpong.ukpong at gmail.com> wrote:
> Have you tried qradar? It's rather good

I've used  Splunk and QRadar;  both are available as free VMware
appliances with limitations on log volume, sufficient for testing.  Or
if you're mostly looking at webserver/proxy/firewall logs, Sawmill is
worth checking out.

I've also been looking into using Lancope's replicator to take in
syslog UDP and send copies to multiple loggers, since some appliances
only support a single syslog destination.

Kevin

References:
- events
  - From: harbor235 at gmail.com (harbor235)
- events
  - From: pfunix at gmail.com (Beavis)
- events
  - From: brandon.kim at brandontek.com (Brandon Kim)
- events
  - From: mloftis at wgops.com (Michael Loftis)
- events
  - From: brandon.kim at brandontek.com (Brandon Kim)
- events
  - From: jason at lixfeld.ca (Jason Lixfeld)
- events
  - From: ukpong.ukpong at gmail.com (Ukpong Ukpong)

Prev by Date: Latency issue - TWC NYC / Roadrunner - AS12271 / AS7843
Next by Date: [no subject]
Previous by thread: events
Next by thread: events
Index(es):
- Date
- Thread