-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 I would vehemntly disagree, everything in my enterprise that can log is logging into my SEM product. I keep 6 months of data in my very queryable storage facility... Currently I have over 35 million events that I can query and correlate through... Chris Kirschke Silicon Valley Bank On Wed, 02 Apr 2003 07:40:24 -0800 Kevin Hanrahan <kevinhat_private> wrote: >You are probably right that he would get more hits, but the hits >he gets >may not help him with the problem he is trying to solve. > >The companies that fall under "Security Event Management" (or Enterprise >Security Management, or Security Information Management, depending >on >who you ask) have some interesting products that can assist users >with >real-time analysis of events that have potential security implications >(IDS alerts, firewall denies, login failures, etc). But they are >not >capable of processing and storing all the logs from a large enterprise, >> >and retaining them for months or years in a queryable format. > >The problem of management and analysis of massive log data is a >distinct >(although similar and complementary) problem of that addressed Security >Event Management products. > >(Vendor Disclaimer: Addamark Technologies provides solutions in >the >former category. Prior to joining Addamark, however, I worked for >3.5 >years at a leading Security Event Management vendor.) > > > > >On Tue, 2003-04-01 at 14:17, durnieat_private wrote: >> Call Gartner back and use the term "Security Event Management"... >> >> You'll get alot more hits, trust me... >> >> On Mon, 31 Mar 2003 23:05:11 -0800 Mehtap Erdogan <Mehtap.Erdoganat_private> >> wrote: >> >Hi, >> >I may be considered as a newbie at centralized logging systems, >> >> > trying to find the best for my company reading documents, getting >> >demos..etc. >> >I tried (through Gartner..etc.) but couldn't find any information >> >comparing different centralized logging systems. >> >Is it possible to get this kind of information or something similar? >> >Thanks, and sorry for my English.. >> >Mehtap Erdogan, >> >Security Specialist Asst, >> >Central Bank of Turkey, >> > >> > > >_______________________________________________ >LogAnalysis mailing list >LogAnalysisat_private >http://lists.shmoo.com/mailman/listinfo/loganalysis > > -----BEGIN PGP SIGNATURE----- Version: Hush 2.2 (Java) Note: This signature can be verified at https://www.hushtools.com/verify wlsEARECABsFAj6LRuIUHGR1cm5pZUBodXNobWFpbC5jb20ACgkQ3UH5NRolsbaxJQCf dsyGhI/Xkz8F8RR9VmZ9lYgycCcAn3u5AdY+uRrXUwF/dTasVyT4C0Gl =bsVj -----END PGP SIGNATURE----- _______________________________________________ LogAnalysis mailing list LogAnalysisat_private http://lists.shmoo.com/mailman/listinfo/loganalysis
This archive was generated by hypermail 2b30 : Thu Apr 03 2003 - 12:58:47 PST