RE: syslog
From: R. Maheswaran (MaheswaranR_at_catsglobal.co.in)
Date: 09/24/04
- Previous message: Stephen W. Corey - 5535: "RE: PortFast Question"
- Maybe in reply to: Tran, Nhon: "syslog"
- Next in thread: Clarke, Tyronne (Contractor): "RE: syslog"
To: "'Anich, Ryan L '" <RAnich@smdc.org>, "''Tran, Nhon' '" <Nhon.Tran@logicacmg.com>, "'security-basics@securityfocus.com '" <security-basics@securityfocus.com>
Date: Sat, 25 Sep 2004 01:30:09 +0530
For the same kind of environment, I am using Computer Associates eTrust
Audit integrated with Security Command Center for easy event management
and consolidation of logs, plus administration of all the security
infrastructure from one web-based console.
eTrust Audit addresses these requirements with a superior
audit collection mechanism that can marshal a wide range of
audit trail data from a diverse set of systems, applications and
appliances. In addition, eTrust Audit lets you create and manage
a centralized policy regarding the retention of this valuable
information and also provides the following:
* Consolidated views of the audit information collected
* Versatile reporting
* Highly customizable support for creating policies that can be
used to initiate alert or other actions in response to events
* Integration with Unicenter® Event Management
* Integration with the eTrust(tm) Security Command Center

Monitor Your Enterprise With Our Leading Auditing Tool

With eTrust Audit, you can collect security event data from a
wide range of sources throughout your enterprise, such as the
following:
* UNIX servers
* Windows NT servers
* Windows 2000 servers
* Web servers
* eTrust open systems products
* eTrust mainframe security products such as eTrust(tm)
CA-ACF2® Security and eTrust(tm) CA-Top Secret® Security
* IBM mainframe security products such as RACF
* And other sources as well
Plus, eTrust Audit stores this information in a central database
for easy access and reporting.
Administrators use eTrust Audit to monitor, respond to alerts,
and create reports for historical and forensic analysis. Most
importantly, administrators can collect the audit information
created by the diverse set of security tools in the enterprise, so
that they can reference a single source to support the important
tasks of security analysis (sometimes referred to as analytics)
required to effectively monitor and manage security in the
enterprise.
Mahesh
-----Original Message-----
From: Anich, Ryan L
To: 'Tran, Nhon'; security-basics@securityfocus.com
Sent: 9/24/2004 6:50 PM
Subject: RE: syslog
I am not sure how in depth you are planning to go with your strategy, but
this is what I am looking at for a solution for my company.
-----Original Message-----
From: Tran, Nhon [mailto:Nhon.Tran@logicacmg.com]
Sent: Monday, September 20, 2004 2:36 AM
To: security-basics@securityfocus.com
Subject: syslog
Hi all
One of the companies I support wants to implement a syslog strategy for all
their infrastructure devices.. Unix boxes, windows servers, cisco comms
devices. To hopefully capture all the logs, we're talking about lots of
logs, their domain servers log about 300K items a day!.. Unix boxes log
heaps too, about 70K per day per server!.. They have around 80 unix servers,
120 windows servers and about 150 comms devices.. Any idea what the best way
to go about this would be, also any suggestions of what log analysis
software to use?
Nhon