[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[SAGE] Log collection and analysis solutions

To: sage-members@sage.org
Subject: [SAGE] Log collection and analysis solutions
From: Sean Kelly <smkelly@creighton.edu>
Date: Fri, 16 Nov 2007 11:20:16 -0600
Cc: Adam Schumacher <adamschumacher@creighton.edu>
Sender: owner-sage-members@usenix.org
User-Agent: Mutt/1.5.13 (2006-08-11)

Greetings.

One of the things we've begun to explore is collecting logs from our
servers and network gear in a centralized location with proper archiving,
analytics, and so forth. In doing so, we've begun to look at products like
Splunk for searching and data mining and mechanisms such as syslog for
pushing the logs around the network.

What have other people used and had success with for doing this sort of
thing? Further, what good tools exist out there for doing real-time
monitoring of these logs to monitor for ongoing events such as attacks,
system problems, and so forth.

Thanks for any information anyone can provide us.

-- 
Sean M. Kelly
Systems Architect
Division of Information Technology
Creighton University
(402) 280-2264
AIM: smkellyg5

Follow-Ups:
- Re: [SAGE] Log collection and analysis solutions
  - From: Brad Knowles <brad@shub-internet.org>
- Re: [SAGE] Log collection and analysis solutions
  - From: Leon Towns-von Stauber <leonvs@occam.com>

Prev by Date: Re: [SAGE] DTE: PCMCIA card which emulates a monitor?
Next by Date: Re: [SAGE] DTE: PCMCIA card which emulates a monitor?
Prev by thread: Re: [SAGE] ISP class egress anti-spam filtering
Next by thread: Re: [SAGE] Log collection and analysis solutions
Index(es):
- Date
- Thread