This thread has now been hijacked by a discussion about the finer points of thread hijacking.
On Thu, Apr 10, 2014 at 5:01 PM, Michael B. Smith <[email protected]>wrote: > Unfortunately, most email clients are not smart enough to trim > References and Threading headers, when all you do is change the subject. > > > > *From:* [email protected] [mailto: > [email protected]] *On Behalf Of *Andrew S. Baker > *Sent:* Thursday, April 10, 2014 11:43 AM > *To:* ntsysadm > *Subject:* Re: [NTSysADM] Question on those working with SEIM > > > > He didn't hijack the thread, Kurt. The subject was changed. He started a > new message via a reply, but failed to trim all the excess... > > No virtual animals were harmed by this activity... > > > > > > > > *ASB **http://XeeMe.com/AndrewBaker* <http://xeeme.com/AndrewBaker> > *Providing Virtual CIO Services (IT Operations & Information Security) for > the SMB market...* > > > > > > On Wed, Apr 9, 2014 at 4:57 PM, Kurt Buff <[email protected]> wrote: > > On Wed, Apr 9, 2014 at 7:48 AM, Ziots, Edward <[email protected]> wrote: > > I have a question is anyone using Snare Client out there on their > > servers/Domain Controllers, to send eventlog files to a SEIM? We are > being > > asked as a apart of a SIEM implementation to utilize the Snare Client to > > send the logs off to a Symantec (LCP (Log collection point). > > > > Any experiences on this front, since I have not utilized this before. > > Z, you hijacked a thread. That's a bit uncool... > > However, yes, I've used the Snare client, and it seems to work just > fine. Never had any problems with it. All I do is cast the logs to a > syslog server. Don't have an SEIM in-house yet, but I'm working on it. > > Kurt > > >
