Out of curiosity, when was it that you used OSSIM? It's had some significant changes in the last 6 months.
On Tue, Oct 6, 2009 at 5:42 PM, Robert Miller <[email protected]> wrote: > I have used OSSIM and I liked it for the most part. I did find that > with the traffic we passed it became overwhelmed and the hard drives > filed up in under a day (140GB) making it completely unresponsive. > > You may want to make sure to partition off things such as your logs so > if you fill up the partition you can still access and operate the server. > > Let me know how it works out for you, I was pulled off the project for > another of higher priority but should be back on it in a month or so. > > *** Personal Note - All answers to this are great as I know many have > thought this same thing and it is asked often *** > > - Robert > > Andrew Ellis wrote: >> You might look into using OSSIM. It's great for aggregating events and >> viewing them. It's pretty modular so odds are good you'll be able to >> get what you're looking at plugged into it. It also has jasperserver >> running within it, which let's you write reports pretty easily from >> the data you've already got. >> >> https://www.alienvault.com/products.php?section=OpenSourceSIM >> >> On Tue, Oct 6, 2009 at 2:58 PM, Jason Wood <[email protected]> wrote: >> >>> Hey all, >>> I've been asked to try to put together reporting for security related issues >>> and items. I've created a starting place for what I would like to report >>> on. I REALLY don't want to put all this into a spreadsheet and try to >>> maintain that. I'd prefer some kind of dashboard which could pull >>> information from ticketing systems, scripts, etc to make at least some of >>> the updates. >>> >>> Does anyone know of an open source app like this or could be a decent base >>> to start with? And, rather than set this idea in stone, I'm open to >>> different ideas if someone has an alternative that they are using. >>> >>> Thanks, >>> Jason >>> >>> -- >>> >>> irc: Tadaka >>> Twitter: Jason_Wood >>> jwnetworkconsulting.com >>> >>> _______________________________________________ >>> Pauldotcom mailing list >>> [email protected] >>> http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom >>> Main Web Site: http://pauldotcom.com >>> >>> >> >> >> >> > > _______________________________________________ > Pauldotcom mailing list > [email protected] > http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom > Main Web Site: http://pauldotcom.com > -- Andrew Ellis http://www.samurainet.org/blog _______________________________________________ Pauldotcom mailing list [email protected] http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
