LOL. Leave it to Symantec to be different. I heard a rumor I may be getting first-hand experience with it so I may want to pick your brain J
Rgds --bob From: Ken Schaefer [mailto:[email protected]] Sent: Sunday, October 31, 2010 12:36 AM To: NT System Admin Issues Subject: RE: Question on Granting service account read access to Domain Controller Eventlogs Hi, We're implementing SSIM (the Symantec product) and it pulls logs. Apparently it scales... Cheers Ken From: Free, Bob [mailto:[email protected]] Sent: Friday, 29 October 2010 11:09 PM To: NT System Admin Issues Subject: RE: Question on Granting service account read access to Domain Controller Eventlogs I have learned here over the years not to be overly presumptive hence the caveat about not understanding the requirements which were a little vague to me, particularly the fact that I didn't see an agent mentioned J That's also the opposite of the SIEM solutions and MSSPs I've ever worked with as well, IME the endpoints push to the collector/aggregator and as I said, I don't envision how an aggregator pulling logs scales worth a darn so I asked the question. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin
