Loglogic - Not sure about a reseller in the Philippines, try emailing Joe Micali @ jmicali@private who works for them, he should be able to help.

I've tried splunk out and it looked ok, just wasn't what I needed at the time. It was fairly easy to install, you might want to just give it a go and see if it fits your needs.

-----Original Message-----
From: Mark Jayson R. Alvarez [mailto:mark.a@private]
Sent: Friday, October 13, 2006 3:21 AM
To: Clayton Dukes (cdukes)
Cc: loganalysis@private
Subject: Re: [logs] Recommended Log analysis tool (follow up)

On Friday 13 October 2006 09:44, Clayton Dukes (cdukes) wrote:
> Couple of options:
> Free tool:
> php-syslog-ng, which is a tool that I've contributed a lot of code for.
> More information on it can be found on my NMS Wiki site at
> http://nms.gdd.net/index.php/Syslog

Yes, we're already using it for viewing our routers'/switches' (cisco/juniper) log files being collected by syslog-ng. Someone here has recommended splunk, I wonder how can it be compared to it?

> Commercial:
> LogLogic -- I've been demoing this for a very large customer (~30,000
> devices) and it performs extremely well.

Can you please give me a very little insight on how it does when compared to sawmill and/or manage engine.. We will use both for our sonicwall and fortigate firewalls and soon probably for pix and other firewall products. I've seen the flash demo presentation and I guess the thing has been designed absolutely for log management, consolidation, correlation and reporting. Do you happen to know any reseller here in the Philippines? Can it meet the requirements below?

Requirements:
=======================================
* Availability of technical support (ex: 24x7, email, phone, chat, etc.)
* Patch or updating of software is this included or an additional expense?
* List of Managed Security Service Providers using the software
* Sizing guidelines - what server specs for X number of clients
* For contingency or redundancy purposes can we mirror the data on another server and would this entail additional cost?
* Are there steps to backup and restore data in case of a system crash?
* Would it have a capability to have views for different clients
* Can the reports be exported to a file, if so what formats? PDF, DOC, etc?
* What reports can be generated:
  - # of blocked IPs/Ports
  - Source/Dest IP
  - IPs, AV, AS report from Fortigate?
  - Top Users
  - Weekly, Monthly, Daily, historical, etc.
  - Others PLEASE EXPLORE
* Would the built-in syslog have an ACL facility to avoid being probed from the public Internet.
* Would it support different logging from various firewall vendors on a single machine.
* Please list down features outside the above

_______________________________________________
LogAnalysis mailing list
LogAnalysis@private
http://lists.shmoo.com/mailman/listinfo/loganalysis
This archive was generated by hypermail 2.1.3 : Fri Oct 13 2006 - 12:00:57 PDT