[logs] Syslog and Windows
John Kinsella
jlk at thrashyour.com
Thu Jun 21 22:04:02 PDT 2007
Intersect Alliance provides their Snare client, released under the
GPL. Several of our (Kliosoft's) clients have found stability of
the Snare Windows service to be less than perfect, plus they wanted
us to provide support for the product, so we wrote our own Windows
Event -> Syslog service which we distribute with our product,
Conductor. Depending on your needs, Snare might do the trick. That's
the only "free" util that I know of...
John
Chief Scientist, Kliosoft
On Fri, Jun 22, 2007 at 12:35:29AM -0400, Bill Scherr IV wrote:
> All...
>
> What do you suggest for sending Windows logs to syslog?
>
> B.
>
> On 18 Jun 2007, a message purporting to be from Chris Brenton appeared:
>
> Subject: Re: [logs] Facility 101 (was: Syslog and facilities)
> From: Chris Brenton <cbrenton at chrisbrenton.org>
> To: loganalysis <loganalysis at loganalysis.org>
> Date sent: Mon, 18 Jun 2007 09:04:41 -0400
>
> > The other problem is some of the facilities are a bit dated. For example
> > there is a facility for FTP (11) but not HTTP. UUCP even has its own
> > facility (8) but of course no one uses it anymore (I use it for my Windows
> > stuff. Keeps it from getting mixed in with other log entries ;-)
> >
>
> Bill Scherr IV, GSEC, GCIA
> Principal Security Engineer
> EWA Information and Infrastructure Technologies
> bscherr at iit-tek.com
> bscherr at ewa.com
> 703-478-7608
>
> _______________________________________________
> LogAnalysis mailing list
> LogAnalysis at loganalysis.org
> http://www.loganalysis.org/mailman/listinfo/loganalysis