You are probably right that he would get more hits, but the hits he gets may not help him with the problem he is trying to solve.

The companies that fall under "Security Event Management" (or Enterprise Security Management, or Security Information Management, depending on who you ask) have some interesting products that can assist users with real-time analysis of events that have potential security implications (IDS alerts, firewall denies, login failures, etc.). But they are not capable of processing and storing all the logs from a large enterprise, and retaining them for months or years in a queryable format. The problem of management and analysis of massive log data is a distinct (although similar and complementary) problem from that addressed by Security Event Management products.

(Vendor Disclaimer: Addamark Technologies provides solutions in the former category. Prior to joining Addamark, however, I worked for 3.5 years at a leading Security Event Management vendor.)

On Tue, 2003-04-01 at 14:17, durnieat_private wrote:
> Call Gartner back and use the term "Security Event Management"...
>
> You'll get a lot more hits, trust me...
>
> On Mon, 31 Mar 2003 23:05:11 -0800 Mehtap Erdogan <Mehtap.Erdoganat_private>
> wrote:
> >Hi,
> >I may be considered as a newbie at centralized logging systems,
> >trying to find the best for my company reading documents, getting
> >demos..etc.
> >I tried (through Gartner..etc.) but couldn't find any information
> >comparing different centralized logging systems.
> >Is it possible to get this kind of information or something similar?
> >Thanks, and sorry for my English..
> >Mehtap Erdogan,
> >Security Specialist Asst,
> >Central Bank of Turkey,

_______________________________________________
LogAnalysis mailing list
LogAnalysisat_private
http://lists.shmoo.com/mailman/listinfo/loganalysis
This archive was generated by hypermail 2b30 : Wed Apr 02 2003 - 10:11:09 PST