Hi, We're implementing SSIM (the Symantec product) and it pulls logs. Apparently it scales...
Cheers Ken From: Free, Bob [mailto:[email protected]] Sent: Friday, 29 October 2010 11:09 PM To: NT System Admin Issues Subject: RE: Question on Granting service account read access to Domain Controller Eventlogs I have learned here over the years not to be overly presumptive hence the caveat about not understanding the requirements which were a little vague to me, particularly the fact that I didn't see an agent mentioned :) That's also the opposite of the SIEM solutions and MSSPs I've ever worked with as well, IME the endpoints push to the collector/aggregator and as I said, I don't envision how an aggregator pulling logs scales worth a darn so I asked the question. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin
