Splunk is nice too, and if you're on a budget the price is right :-) I think GFI generates "prettier" reports. The interface is basically exactly like every other GFI product, so if you're not used to working with them I can see where someone would say it is clunky. But once you get used to it, it's not that bad.
-----Original Message----- From: [email protected] [mailto:[email protected]] On Behalf Of Robert Miller Sent: Tuesday, October 06, 2009 12:59 PM To: PaulDotCom Security Weekly Mailing List Subject: Re: [Pauldotcom] GFI Events Manager - Opinions? Does Splunk do the same things GFI does (less or more)? How are the reporting features of Splunk for Security and PCI? - Robert Butturini, Russell wrote: > > Then GFI should work perfectly for you. We set these exact kinds of > reports up for a customer of ours for J-SOX (Japan's version of our > SOX which is almost all IT oriented). > > ----- Original Message ----- > From: [email protected] > <[email protected]> > To: PaulDotCom Security Weekly Mailing List > <[email protected]> > Sent: Tue Oct 06 11:59:34 2009 > Subject: Re: [Pauldotcom] GFI Events Manager - Opinions? > > As far as our Cisco devices those are all going to Orion a Solarwinds > product, which I also know little about as the senior network engineer > works on. > > I am mainly looking to flag login attempts and other security related > items. The company has virtually no security in place and I am trying > to not only bring that to the table but also spot anything that may be > on the network/systems already. > > The systems guy is wanting GFI for auditing of software installs and > event log management. > > - Robert > > Butturini, Russell wrote: > > I think it depends on what you're trying to accomplish with it. I very > > much like the reporting engine that EventsManager has, and it does a > > pretty good job at classifying and archiving Windows events. We had > > some issues with the way it pulled logs from Cisco firewalls (both Pix > > and ASA) though. > > > > If you'll go into some more detail on what you want to accomplish I can > > try to help out. I've worked with it quite a bit. > > > > > > -----Original Message----- > > From: [email protected] > > [mailto:[email protected]] On Behalf Of Robert > > Miller > > Sent: Tuesday, October 06, 2009 10:27 AM > > To: PaulDotCom Security Weekly Mailing List > > Subject: [Pauldotcom] GFI Events Manager - Opinions? > > > > Hey Everyone, > > > > What is everyones opinion of GFI Events Manager? > > > > Do you suggest something different? > > > > Our company does not have a huge budget otherwise I could look at things > > > > like Tenable, however we have absolutely nothing and need something. > > One of my co-workers suggested GFI, but I have no experience or opinion > > on the product, thus I turn to you good folks :-) > > > > Thanks, > > > > Robert > > _______________________________________________ > > Pauldotcom mailing list > > [email protected] > > http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom > > Main Web Site: http://pauldotcom.com > > > > > > > ************************************************************************ ****** > > This email contains confidential and proprietary information and is > not to be used or disclosed to anyone other than the named recipient > of this email, > > and is to be used only for the intended purpose of this communication. > > > ************************************************************************ ****** > > _______________________________________________ > > Pauldotcom mailing list > > [email protected] > > http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom > > Main Web Site: http://pauldotcom.com > > > > > > _______________________________________________ > Pauldotcom mailing list > [email protected] > http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom > Main Web Site: http://pauldotcom.com > > ************************************************************************ ****** > This email contains confidential and proprietary information and is not to be used or disclosed to anyone other than the named recipient of this email, > and is to be used only for the intended purpose of this communication. > ************************************************************************ ****** > ------------------------------------------------------------------------ > > _______________________________________________ > Pauldotcom mailing list > [email protected] > http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom > Main Web Site: http://pauldotcom.com _______________________________________________ Pauldotcom mailing list [email protected] http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com ****************************************************************************** This email contains confidential and proprietary information and is not to be used or disclosed to anyone other than the named recipient of this email, and is to be used only for the intended purpose of this communication. ****************************************************************************** _______________________________________________ Pauldotcom mailing list [email protected] http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
