Security Basics mailing list archives

RE: FW/IPS log correlation software
From: Wong Yu Liang <wong.yuliang () vads com>
Date: Fri, 4 Apr 2008 09:37:39 +0800

Try http://www.ossim.net/

-----Original Message-----
From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On Behalf Of Raimar Melchior
Sent: Thursday, April 03, 2008 9:39 PM
To: security-basics () securityfocus com
Subject: FW/IPS log correlation software

Hello list,

We want a central log station where logs from firewalls, IPS and other
security devices are sent to. All of our components support the syslog
The challenge is to filter and correlate this huge amount of logs. We
also want to create filtering and reports (graphical). The server should
have a graphical frontend (GUI).
We tried the Kiwi Syslog Server but it doesn't meet our requirements.
Any good enterprise software out there?
Any suggestions would be very appreciated.

Many Thanks,

Security Consultant


Köln branch office
Von-der-Wettern-Str. 25
51149 Köln

office: +492203-69923-16
mobile: +49170-2265680
eMail: rm () crocodial de

Registered office: Hamburg
Registered at: Amtsgericht Hamburg, No. HRB 83456
Management: Wolfgang Dierke, Helmut Hansen, Lutz Klöber
