Re: [logs] Sentry/Counterpane how is it working ?

From: Corey Merchant (cmerchantat_private)
Date: Tue Mar 19 2002 - 07:32:45 PST


    /* Disclaimer: I work for LURHQ, a competitor to Counterpane. */
    
    LURHQ's managed monitoring solution (Managed SherlockESM) has some of the 
    features you mention. 
    
    - The aggregation appliance (called Inspector), in addition to normal 
    monitoring and reporting, also checks TCP or UDP services on any hosts for 
    which it is configured to do so. It may also be configured to just ping.
    
    - The aggregation appliance receives events (from flat-file monitoring 
    agents, NT Event Log monitoring agents, syslog, SNMP, SMTP, and OPSEC) and 
    sends them encrypted (certificate authenticated) to the LURHQ SOC. 
    
    - The agents may be configured to check, alert, and report on disk usage, 
    memory usage, process count, and network stats (fin wait count, time wait 
    count, established connections, etc.).
    
    Corey Merchant
    LURHQ Corporation
    www.lurhq.com
    
    On Monday 18 March 2002 15:55, Drew wrote:
    > Tina Bird wrote:
    > > To follow up on this, finally:
    > >
    > > 1) Yes, agent software is required to monitor
    > > Windows systems.  I am personally particularly fond
    > > of Event Reporter, as I think we've discussed on this
    > > list before, but we'll work with any EventLog to
    > > syslog forwarder that a customer cares to install.
    >
    > Personally, I've never understood why there wasn't more of an
    > event generator vice a simple collector.  What I mean is, the
    > CP solution (as I understand it) simply collects and forwards
    > to a central host on the customer network, and from there to
    > their own Ops center.  Wouldn't it be nicer if there was agent
    > software for both *ix and Win32 that not only forwarded data
    > (preferably encrypted) but also expanded the ability to generate
    > events. Something that monitored ports and possibly the system in
    > a finer way than general syslog/windows events.
    >
    > ---------------------------------------------------------------------
    > To unsubscribe, e-mail: loganalysis-unsubscribeat_private
    > For additional commands, e-mail: loganalysis-helpat_private
    
    



    This archive was generated by hypermail 2b30 : Tue Mar 19 2002 - 08:08:57 PST