
Security Basics mailing list archives

RE: FW/IPS log correlation software
From: "Loupe, Jeffrey J" <JLoupe () whitneybank com>
Date: Fri, 4 Apr 2008 13:29:45 -0500

We use NetIQ Security Manager for this purpose.


-----Original Message-----
From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On Behalf Of Raimar Melchior
Sent: Thursday, April 03, 2008 8:39 AM
To: security-basics () securityfocus com
Subject: FW/IPS log correlation software

Hello list,

We want a central log station where logs from firewalls, IPS and other 
security devices are sent to. All of our components support the syslog 
The challenge is to filter and correlate this huge amount of logs. We 
also want to create filtering and reports (graphical). The server should 
have a graphical frontend (GUI).
We tried the Kiwi syslog server but it doesn't meet our requirements. 
Any good enterprise software out there?
Any suggestions would be very much appreciated.

Many Thanks,

Security Consultant


Cologne branch office
Von-der-Wettern-Str. 25
51149 Köln

office: +492203-69923-16
mobile: +49170-2265680
eMail: rm () crocodial de

Registered office: Hamburg
Registered at: Amtsgericht Hamburg (Hamburg District Court), No. HRB 83456
Managing directors: Wolfgang Dierke, Helmut Hansen, Lutz Klöber

