I took a look at Splunk 6 months ago, but decided it was a bit raw and didn't have enough built-in reports. I'd like to see native support for Cisco IOS, ASA, IPS, SBC and NSEL, Windows WMI, Exchange, VMware, MS SQL, IIS, AD, maybe Avaya Communications Manager and UNIX/Linux/Syslog.
-matt From: Andrew S. Baker [mailto:[email protected]] Sent: Monday, March 14, 2011 9:40 AM To: NT System Admin Issues Subject: Re: SIEM Other options include: * http://www.trigeo.com/ * http://www.splunk.com/view/enterprise-security-suite/SP-CAAAE8Z What devices will you be tracking? ASB (Find me online via About.Me<http://about.me/Andrew.S.Baker/bio>) Exploiting Technology for Business Advantage... On Mon, Mar 14, 2011 at 12:33 PM, Matthew Bullock <[email protected]<mailto:[email protected]>> wrote: Does anyone have any experience/opinions with implementing SIEM or logging solutions? Right now, we're looking mainly at Accelops, Log Logic and Log Rhythm, as well as an upgrade to our existing Cisco MARS appliance and I would love to hear anyone's thoughts on these or any other solutions worth looking into. Thanks, -matt ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected]<mailto:[email protected]> with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected]<mailto:[email protected]> with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin
