Educause Security Discussion
mailing list archives
Re: Log management
From: John Ladwig <John.Ladwig () CSU MNSCU EDU>
Date: Thu, 1 Feb 2007 11:15:52 -0600
We're shortly going to run an RFP process, so results from your RFI
could be useful.
We're looking for a state-wide (~50-location ~35 institutuion)
hierarchical multi-managed solution, aka campus devices which can be
useful locally and bubble up extracts to a master console.
Are you on the smaller side? I don't see Arcsight, LogLogic, and some
of the more scalable players on your list.
mclaugkl () UCMAIL UC EDU 2007-01-31 07:34 >>>
If you aren't in a hurry touch back with me in a month or so and I
should have some good data to share with you. We have an RFI for a
solution out now and the following is a list of just a few of the
vendors who have stated they are responding:
and a handful of local vendors
If anyone else wants a summary of what we find out just let me know and
I'll send it your way.
From: Charles L. Bombard [mailto:BombardC () CCV EDU]
Sent: Wed 1/31/2007 8:01 AM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: [SECURITY] Log management
What would you all recommend for central log management? We
currently looking at GFI eventmanager. The ideal solution will combine
the monitoring of both windows and linux logs, and have the ability to
generate alerts based on our settings.
Recommendations of things to look at as well as things to
Charles Bombard, GSEC
Community College of Vermont
119 Pearl Street
Burlington, VT 05401
bombardc () ccv edu
PRIVACY & CONFIDENTIALITY NOTICE: This message is for the designated
recipient only and may contain privileged, confidential, or otherwise
private information. If you have received it in error, please notify
sender immediately and delete the original. Any other use of an email
received in error is prohibited.
- Re: Log management, (continued)