You can look at Splunk; depending on the size of your environment, you can get by without agents. There is a lot of setup with Splunk and it can get intimidating, but I have found it to often be the best solution out there. There is a free download that handles 500 megs of logs a day, and you can reach out to their sales dept for a temp enterprise license that will allow more.

Just my two cents. Please excuse typos, I'm on my mobile

On Jul 10, 2012, at 17:06, Brian Schultz <[email protected]> wrote:

> So I recently started a new job at a small-ish hospital and was tasked with
> setting up something that can audit security logs. It sounds and is pretty
> vague, but this is for HIPAA compliance. I'm more of an infrastructure guy
> and haven't had a chance to deal with security much and my only exposure is
> really through the podcast. I have no idea what products are out there to do
> these things. The environment here is about 99.99% Windows. I was taking a
> look at Solarwinds Log and Event Manager which looks pretty good so far, but
> it also requires an agent to be installed on any machines you want to monitor
> which can be a hassle.
>
> Is there anything else that I should be taking a look at? GFI Events Manager
> or some open-source solution?
> _______________________________________________
> Pauldotcom mailing list
> [email protected]
> http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
> Main Web Site: http://pauldotcom.com
