Re: logging server ??

mohammad-yousef · ‎10-01-2007

Dear All,

I'm searching for a logging software to recieve logging messages from all Cisco devices (switches , routers , PIXs , IPS ..etc ), also able to recieve logs from Microsoft servers.

I need to know if theres a software that able to do that ? and how can I get it ??

Thanks,

Mohammad Yousef

steve.busby · ‎10-01-2007

Mohammad,

You have a lot of options on the market today. Everything from Cisco's CS-MARS, NetIQ (http://www.netiq.com/), LogRhythm (http://www.logrhythm.com/), Netcordia's Event Analysis (http://netcordia.com/products/netmri-event-analysis.asp) or you can simply build a Linux based syslog collector and use grep or Splunk.

Depending on your needs and budget, I would start with Gartner to find the top choices, then start contacting your reseller for demo's and trials. After you've test driven several, decide what works best for your organization, get it budgeted and implemented.

HTH

Steve

Danilo Dy · ‎10-01-2007

Hi,

I use Kiwi Syslog Daemon Enterprise version USD159 http://www.kiwisyslog.com/

Regards,

Dandy

Willard Dennis · ‎10-01-2007

We use ManageEngine's EventLog Analyzer

http://manageengine.adventnet.com/products/eventlog/index.html

It can accept regular syslog mssgs from Cisco devices, etc. as well as querying Windows machines for their event log data via WMI.

You can get a 30-day demo from them at the URL above.

mohammad-yousef · ‎10-02-2007

Thanks alot for you all , I will check and try all the products you provided.

Thanks again for your help