On Sat, Mar 17, 2012 at 1:40 AM, Scott Ehrlich <srehrlich at gmail.com> wrote:
> I'm looking for log management options for a network of Windows and
> Linux hosts on an isolated network.
>
> I need tcp communication (vs udp) to ensure messages successfully get
> passed from client to log server.
>
> Encryption of the message, too, between client to server would be
> great. TCP alone would just provide plain-text.
>
> I've been in touch with Intersect Alliance, and they've been extremely
> helpful with a myriad of questions I've posed, but I just learned that
> their server product requires its own Linux OS, provided by them. A
> bit of a bummer.
>
> Solarwinds, owner of Kiwi, won't return my emails.
>
> Corner Bowl is Windows-centric.
>
> Envision is just way too expensive.
>
> What other products are out there?
>
> Thanks.
>
> Scott

Someone asked me what my goal was - I want to have a central location (database/file on a server) where successful and failed login attempts, objects accessed, system events such as discs inserted and data copied, are stored, machine powered up/down, media added/removed (usb devices, etc) along with machine name/ip and user, and an easy way to sort by user, date, time, status (success/failure), etc, for a given period of time, that period defined by the auditor.

All events in the central database should mirror the events stored on the respective local machine they are sent from - thus the log server would have just a copy of what the local machine has.

The above should be for both Linux and Windows systems.

Thanks.

Scott