July 7th, 2006, 11:22 AM
I have lately been involved with a lot of log analysis tools and would like your help in deciding upon a good tool. My requirement is basically to look for log analyzer software with good reporting for security and compliance.
I have shortlisted 2 products:
If anyone has worked extensively on log analysis in their respective work front, please respond with your thoughts about what an ideal log analyzer product must have (with all its bells & whistles).
July 7th, 2006, 01:59 PM
These two look OK, but have you looked into a SIM product? I'm in the process of getting management where I work to buy the Cisco Mars product. You might want to look into that product too. Are you looking for a Security Information Management product?
July 7th, 2006, 02:01 PM
How much do these products cost? Cisco Mars is going to run us about 30k for 200 host coverage.
July 9th, 2006, 02:52 AM
I use NeuSecure, which has been bought up about 3 times in the last six months. Currently, IBM owns the product.
I LOVE this console (SIM solution). I feed events from all core assets and have now got a handle on what's going on out there. The downside to any of these beasts is cost and the effort needed to tune them properly. Another nasty is bug discovery which seems to happen more so with products with "bigger than life" feature sets.
I looked at the NetForensics product, which was absolute crap, and also at CA's offering, which was less than user friendly.
ArcSight was another one I looked at, but the pricing, $150 grand, left it way out of reach.
Anyway, another 2 cents.
Our scars have the power to remind us that our past was real. -- Hannibal Lecter.
Talent is God given. Be humble. Fame is man-given. Be grateful. Conceit is self-given. Be careful. -- John Wooden
July 10th, 2006, 08:20 AM