
Is this OSSIM that app from Alien Vault? Then I guess you need much more than just "logging" and analysis.

On Tue, Jun 14, 2011 at 21:04, TheMburu George <themburu@gmail.com> wrote:
Seems like syslog-ng is the way to go, though also looking at OSSIM.
./TheMburu
On Tue, Jun 14, 2011 at 5:08 PM, Michuki Mwangi <michuki@swiftkenya.com> wrote:
On 6/14/11 4:27 PM, Odhiambo Washington wrote:
Even the good old syslogd (native to most Unixes) can do the job too. What matters is what you want to do with the logs ultimately. Rather than run around, go with syslogNG and be happy.
+1 for syslog-NG - lots of customization that can be done with it. You can for instance create different log files for the various devices on your network, storage based on date and time stamps, i.e. have a folder for 2010, 2011, and inside for Jan, April, May, and inside dates... etc.
Lots of options.
HTH,
Michuki.

_______________________________________________
Skunkworks mailing list
Skunkworks@lists.my.co.ke
http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks
------------
Skunkworks Rules
http://my.co.ke/phpbb/viewtopic.php?f=24&t=94
------------
Other services @ http://my.co.ke
-- Conservatism is the adherence to the old tried against the new untried.
--
Best regards,
Odhiambo WASHINGTON,
Nairobi,KE
+254733744121/+254722743223
I can't hear you -- I'm using the scrambler.
Please consider the environment before printing this email.
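
The per-device, date-based layout described in the thread, as an added syslog-ng configuration example that is not part of the original messages. The version line, listening ports, the base path `/var/log/remote` and the object names `s_remote` and `d_per_device` are assumptions.

```conf
@version: 3.38   # assumption: set this to the installed syslog-ng version

options {
    keep-hostname(no);   # take ${HOST} from the sending address, not from message content
    use-dns(no);         # no DNS lookups, so ${HOST} is the sender's IP address
    create-dirs(yes);    # create the per-device and per-date directories on demand
    dir-perm(0750);      # directories readable only by owner and group
    perm(0640);          # log files readable only by owner and group
};

# Assumed listeners: plain syslog over UDP and TCP on port 514
source s_remote {
    network(transport("udp") port(514));
    network(transport("tcp") port(514));
};

destination d_per_device {
    # One tree per device, then year/month/day folders.
    # R_ macros use the time of receipt on the collector, so a device with a
    # wrong clock cannot file its messages under the wrong date.
    file("/var/log/remote/${HOST}/${R_YEAR}/${R_MONTH}/${R_DAY}/messages.log");
};

log { source(s_remote); destination(d_per_device); };
```

Running `syslog-ng --syntax-only -f` against the file checks it before the daemon is reloaded.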