A sub question to this would be - is anyone using an app or client that will forward Windows OS events to said collector? I've seen LogLogic and others. Was just curious if you've used a small scale version to collect security events - log on, log off, etc...?

-----Original Message-----
From: Harry Hoffman [mailto:hhoff...@ip-solutions.net]
Sent: Friday, September 30, 2011 6:56 AM
To: nanog@nanog.org
Subject: Re: events

It's a bit old but still works well. Russel Fulton and I worked on this when I was down in NZ.

You still need to run syslog-ng but this allows you to ignore, warn, alert on logs via regex.

http://www.ip-solutions.net/syslog-ng/

Cheers,
Harry

On 09/30/2011 09:50 AM, harbor235 wrote:
> What is everyone using to collect, alert, and analyze syslog data?
> I am looking for something that can generate reports as well as support
> multiple vendors. We have done some home grown stuff in the past but
> would be interested in something that incorporates all the best features.
>
> SolarWinds, splunk, fwanalog, and others come to mind, any other good ones
> out there?
>
>
> Mike
>