On Thu, 30 Aug 2012, Joseph Guanzon wrote:
> Hi Guys,
>
> I'm trying to look for a monitoring tool that I can integrate with other
> monitoring tools like HP Openview, HP OVO, Geneos Active Console (ITRS)
> and BMC Patrol and I can also configure to generate ticket
> automatically.
>
> Our office is currently using several tools to monitor servers status and
> logs and another for the network side. I am trying to find a way to
> incorporate the alerts into a single tool that is also capable of
> summarizing multiple events. For example, when using Geneos ITRS it searches
> for a specific keyword on the server logs; if it sees 1000 of said
> keyword it would flood you with all those as alerts instead of alerting
> that the said keyword was detected 1000 times.
>
> Has anyone ever tried using SEC to integrate with other monitoring
> tools? Would it be possible to do so? Can anyone suggest a good front
> end to work with SEC?

It really depends on what you mean by "integrate".

Anything that can generate a syslog message can feed data into SEC.

SEC can run a script when an alert is generated, so (with enough work),
it's possible to feed SEC alerts into any other tool.

As a result, SEC can be "integrated" into any other monitoring system.

SEC can be configured to consolidate alerts instead of generating 1000
alerts, so you don't need external tools to do this.

I commonly do this sort of thing where I have a set of rules for each
pattern I care about:

1. alert when the pattern first appears and set a timeout and context
2. while the context from #1 is set, any additional instances of the
pattern get added to a report. A second context is set
3. when the timeout hits, if the context from #2 has been set, a new alert
is generated, including the report. The report is cleared, the timeout
is reset, and the context from #2 is cleared.
David Lang
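
The three-step scheme described in the reply above, simulated over constructed log lines (an added example, not part of the original message and not SEC rule syntax). The class name, the 60-second window, the `ERROR` pattern and the choice to let the first context lapse when the timeout fires with an empty report are assumptions made for illustration.

```python
import re

class Consolidator:
    """Simulates the three-rule scheme for one pattern (not SEC syntax)."""

    def __init__(self, pattern, window):
        self.pattern = re.compile(pattern)
        self.window = window    # timeout length in seconds (assumed value)
        self.deadline = None    # not None => context from step 1 is set
        self.report = []        # non-empty => context from step 2 is set
        self.alerts = []        # (time, kind, matching lines)

    def _expire(self, now):
        # Step 3: when the timeout hits and a report exists, emit one alert
        # carrying the report, clear it and reset the timeout. With no
        # report the step-1 context simply lapses (assumption).
        while self.deadline is not None and now >= self.deadline:
            if self.report:
                self.alerts.append((self.deadline, "summary", self.report))
                self.report = []
                self.deadline += self.window
            else:
                self.deadline = None

    def feed(self, ts, line):
        self._expire(ts)
        if not self.pattern.search(line):
            return
        if self.deadline is None:
            # Step 1: first appearance alerts immediately and arms the timeout.
            self.alerts.append((ts, "first", [line]))
            self.deadline = ts + self.window
        else:
            # Step 2: later matches only grow the report.
            self.report.append(line)

# Constructed sample input: (seconds since start, log line).
SAMPLE = [(0, "db: ERROR disk full"), (5, "db: ERROR disk full"),
          (10, "db: ERROR disk full"), (30, "db: checkpoint complete"),
          (65, "db: ERROR disk full"), (300, "db: ERROR disk full")]

def run(events, pattern="ERROR", window=60, end=400):
    c = Consolidator(pattern, window)
    for ts, line in events:
        c.feed(ts, line)
    c._expire(end)  # let any pending timeout fire at end of input
    return [(t, kind, len(lines)) for t, kind, lines in c.alerts]

if __name__ == "__main__":
    for alert in run(SAMPLE):
        print(alert)
```

Each output tuple is (time, kind, number of lines in the alert); a burst of 1000 matches inside one window produces two alerts, the first occurrence and one summary of the other 999.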
------------------------------------------------------------------------------
Live Security Virtual Conference
Exclusive live event will cover all the ways today's security and
threat landscape has changed and how IT managers can respond. Discussions
will include endpoint security, mobile security and the latest in malware
threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
_______________________________________________
Simple-evcorr-users mailing list
Simple-evcorr-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/simple-evcorr-users