On Wed, Apr 9, 2014 at 7:48 AM, Ziots, Edward <[email protected]> wrote: > I have a question is anyone using Snare Client out there on their > servers/Domain Controllers, to send eventlog files to a SEIM? We are being > asked as a apart of a SIEM implementation to utilize the Snare Client to > send the logs off to a Symantec (LCP (Log collection point). > > Any experiences on this front, since I have not utilized this before.
Z, you hijacked a thread. That's a bit uncool... However, yes, I've used the Snare client, and it seems to work just fine. Never had any problems with it. All I do is cast the logs to a syslog server. Don't have an SEIM in-house yet, but I'm working on it. Kurt
