PaulDotCom mailing list archives

Re: Logrhythm & Splunk
From: "Champ Clark III [Softwink]" <champ () softwink com>
Date: Wed, 18 Aug 2010 10:27:12 -0400

On Wed, Aug 18, 2010 at 10:29:22AM +0300, Ali Alhebshi wrote:
> If you work for a large organization, I wouldn't recommend Splunk. Though
> it's not bad to meet regulatory "log management" related requirements. If
> your main goal is security, you better consider a SIM. It's a hassle to
> fine-tune Splunk to meet your security requirements. Don't think of modules,
> most of them are in beta and don't work as they say (EVEN COMMERCIAL).

        You might want to consider checking this out. It's a project
that I've been working on for a while. It's considered "beta", but
the current SVN is pretty dang stable and we're working on it quite
a bit. Anyways, here's the skinny ...


        Champ Clark III | Softwink, Inc | 800-538-9357 x 101

GPG Key ID: 58A2A58F
Key fingerprint = 7734 2A1C 007D 581E BDF7  6AD5 0F1F 655F 58A2 A58F
If it wasn't for C, we'd be using BASI, PASAL and OBOL.

Attachment: _bin

Pauldotcom mailing list
Pauldotcom () mail pauldotcom com
Main Web Site: http://pauldotcom.com
