Re: Enterprise Log Management Systems

Hi , I am just finishing writing a comparison between Loglogic, Splunk
Professional and Snare server..
I already wrote a tutorial on how tog et snare and splunk to work together
and how to use spunk's search feature.

I have worked with all 3 and I think it really depends on your price tag and
complexity requirements.


Loglogic and lasso is a good but quite pricey solution, snare and snare
server is less costly but doesn't have some nice features (i am extremely
fond of splunks search and speed feature i have to say) found in the other
products and the same goes for splunk.

All 3 can be made to collect data from pretty much any OS out there.


Here is the write-up of snare and splunk:
http://blog.2blocksaway.com/2007/04/03/snare-and-splunkfull-logging-for-ever
yone-logs-manage-them-well-on-ubuntu/#comment-9423

And I will post here when the write-up of all 3 is done, should be tomorrow
or so.


Cheers

//Flosse
http://blog.2blocksaway.com



On 4/25/07 4:56 PM, "Tornado" <itsec_guy@xxxxxxxxxxxxxx> wrote:

Hi All,

I would like to know which are the best Enterprise log management systems
out there in the market. Both commercial and Open source are fine.
Here are the requirements:

1. Log collection from variety of systems like Windows, Linux, Routers and
firewalls.

2. Analysis of collected logs and co-relation.

3. Report generation for the activities for starndards like ISO 270001

4. Email/SMS alerts.

Thanks in advance.

----------------------------------------------------------------------
Get a free email address with REAL anti-spam protection.
http://www.bluebottle.com