Skip to main content

Log processing

I am looking at a way to help network support deal with the huge number of log entries coming from the firewalls. I could use a cool tool like splunk, but there is so much data that the cost is high. I am thinking about using a sniffer logging product maybe. I have to talk to more people, but I'm not sure what the best tools are for the job at hand.

Comments

Anonymous said…
Reading this post you are probably aware of NeuSecure but I will mention it anyway. Its now called IBM Security Manager or something. We were using it for this purpose when I was at State Street.

Jerry
Monday, July 30, 2007 1:55:00 AM
Post a Comment

Popular posts from this blog

Patching and updating for home and corporate

We all are well aware of the Microsoft patches and windows update.  Same goes for those of us who use itunes and iOS devices, we know Apple Software Update.  Some of us may even patch our Adobe products, which we should since they have been the largest attack vector (http://goo.gl/bOQ3D) for the past 2 years hands down.  This is just at home.... How do you expect the security experts to keep on top of all of these patches in a corporate environment.  The number of patches for Oracle alone is daunting to understand and analyze. There are ways to do this, you can use some clever software which I will outline below, or you can read ~25 RSS feeds and analyze vendor security bulletins.  I do enjoy doing some of this, but I don't have time to keep on top of all the releases.  Here is some software for home and corporate use to help manage this. Corporate Patch Management: Microsoft WSUS and SCCM - This is free and a no brainer for patchi...
2 comments
Read more

Moving to the Cloud and Packing up DR

In other news on a side consulting gig I am doing we moved the company from exchange to Google apps. It's been a bit painful, but it will be more efficient in terms of cost and support. With DR being very important to the firm, this is a perfect fit, especially with the Postini archiving solutions. With such a small firm it made a lot of sense, and should prove to be a perfect fit. Also we are re-architecting the overall infrastructure from a dual location (DR) setup with clustering to a single location. In the process we are moving from Windows Server 2008 to Windows Server 2008 R2. I haven't done a lot of Hyper-v, but I have done a lot of VM work, Windows, and iSCSI. This should prove to be an interesting project both on technology and moving to cloud based resources, as well as the future direction of the company. Expect more soon!
Post a Comment
Read more

Dynatrace Growth Misinformation

For my valued readers: I wanted to point out some issues I’ve recently seen in the public domain. As a Gartner analyst, I heard many claims about 200% growth, and all kind of data points which have little basis in fact. When those vendors are asked what actual numbers they are basing those growth claims on, often the questions are dodged. Dynatrace, recently used the Gartner name and brand in a press release. In Its First Year as an Independent Company, Gartner Ranks Dynatrace #1 in APM Market http://www.prweb.com/releases/2015/06/prweb12773790.htm I want to clarify the issues in their statements based on the actual Gartner facts published by Gartner in its Market Share data: Dynatrace says in their press release: “expand globally with more than three times the revenue of other new generation APM vendors” First, let’s look at how new the various technologies are: Dynatrace Data Center RUM (DCRUM) is based on the Adlex technology acquired in 2005, but was cr...
10 comments
Read more