Event Log Management Solution for Sarbanes-Oxley

I am the coordinator of the Sarbanes-Oxley audit in my company, and I am looking for an event log management solution to keep track of all my Windows log files and Unix syslog. I found that most of the event management software available on the market is Windows-centric, and I was able to find only one that handles both, which is "Event Tracker from Prism Microsystems". My question is: is any other product available on the market that can serve both Windows and Unix?
belim asked:
tmcguiness commented:
We use Dorian, which is Windows-centric but is very good too.

I have heard very good things about Kiwi (http://www.kiwisyslog.com/); I'd take a look at them.

Event Log Manager (ELM) is another product that I'm not very familiar with. It seems like when I was researching, it lacked features, but that's been a while & I could be remembering wrong so you could take a look.

Another consideration would be to put a syslog daemon on your winders machines and then use your *nix syslog and reporting mechanisms. The only caveat I have there is that I think you would still need to archive your Windows logs in .evt. If you ever needed to prosecute somebody, the reformatted messages may not be admissible as evidence in court. It should be fine for general audit types of purposes, though.

The last caveat I have is that I once had a syslog-like utility (Kane Secure Enterprise) and it would suck the logs off the machines in real time. So if somebody was trying to figure out a problem, they could be trying to look at the error logs locally and they would instead see them scrolling off the screen. Then we'd have to go to the KSE monitor and sort through logs to find what we wanted. So anyway, just be careful, because as important as logs are to you in your mission, they can be equally important to others in theirs.

Good Luck!

todd
0
belim (author) commented:
I am looking for an enterprise solution. Kiwi Syslog is too simple; I am looking for something that can fulfil four processes: Collect, Store or Archive, Analyse, and Report.
0
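The two points above, forwarding Windows events into a *nix syslog pipeline while keeping the original text intact, and the four processes Collect / Store or Archive / Analyse / Report, can be shown together in one small pipeline. The following is an added example written for this page; it is not code from the thread or from any vendor product named in it. The sample lines are constructed, and the layout of the Windows lines ("Channel: EventID=<n> <text>" after the syslog header) is an assumed agent format, not a real product's output.

```python
"""Minimal collect / archive / analyse / report pipeline for syslog-style lines.

Added example (not from the thread or any vendor product). Windows lines assume
a forwarding agent that emits "Channel: EventID=<n> <text>" after the syslog
header; that layout is a constructed assumption, not a real product format.
"""
import hashlib
import json
import re
from collections import Counter

# Constructed sample input: what a central syslog daemon might receive from one
# Unix host and one Windows host (via a syslog agent). Not real log data.
SAMPLE_LINES = [
    "<38>Mar 14 09:12:01 unixhost01 sshd[2231]: Failed password for invalid user admin from 10.0.0.5 port 4022 ssh2",
    "<38>Mar 14 09:12:07 unixhost01 sshd[2231]: Accepted password for alice from 10.0.0.7 port 4023 ssh2",
    "<38>Mar 14 09:12:09 unixhost01 sshd[2240]: Failed password for alice from 10.0.0.7 port 4024 ssh2",
    "<14>Mar 14 09:13:45 winhost01 Security: EventID=529 Logon Failure - Unknown user name or bad password, User Name: bob",
    "<14>Mar 14 09:14:02 winhost01 System: EventID=6005 The Event log service was started.",
    "this line has no syslog header and must not be silently dropped",
]

# RFC 3164 style header: <PRI>MMM dd HH:MM:SS host tag[pid]: message
HEADER = re.compile(
    r"^<(?P<pri>\d{1,3})>(?P<ts>[A-Z][a-z]{2} [ \d]\d \d\d:\d\d:\d\d) "
    r"(?P<host>\S+) (?P<tag>[^:\[\s]+)(?:\[(?P<pid>\d+)\])?: (?P<msg>.*)$"
)
WIN_EVENT = re.compile(r"^EventID=(?P<id>\d+)\s*(?P<text>.*)$")


def parse_line(line):
    """Collect step: turn one raw line into a record. The raw text is always kept
    verbatim, so the archive holds the original message, not a reformatted copy."""
    rec = {"raw": line, "parsed": False}
    m = HEADER.match(line)
    if not m:
        return rec  # unparsed lines are retained and flagged, never discarded
    pri = int(m.group("pri"))
    rec.update(parsed=True, facility=pri // 8, severity=pri % 8,
               timestamp=m.group("ts"), host=m.group("host"),
               tag=m.group("tag"), pid=m.group("pid"), msg=m.group("msg"))
    w = WIN_EVENT.match(rec["msg"])
    if w:  # Windows line forwarded by an agent (assumed layout, see docstring)
        rec["event_id"] = int(w.group("id"))
        rec["msg"] = w.group("text")
    return rec


def collect(lines):
    return [parse_line(ln) for ln in lines]


def archive(records):
    """Store step: newline-delimited JSON of the records plus a SHA-256 over the
    raw lines, so a later reader can check the stored text matches what arrived."""
    digest = hashlib.sha256("\n".join(r["raw"] for r in records).encode()).hexdigest()
    body = "\n".join(json.dumps(r, sort_keys=True) for r in records)
    return {"sha256_of_raw": digest, "ndjson": body, "count": len(records)}


def is_failed_logon(rec):
    if not rec["parsed"]:
        return False
    if rec["tag"] == "sshd" and rec["msg"].startswith("Failed password"):
        return True
    return rec.get("event_id") == 529  # NT/2003 Security log: logon failure


def analyse(records):
    """Analyse step: failed logons per host, plus how many lines could not be parsed."""
    failed = Counter(r["host"] for r in records if is_failed_logon(r))
    unparsed = sum(1 for r in records if not r["parsed"])
    return {"failed_logons": dict(failed), "unparsed": unparsed, "total": len(records)}


def report(summary):
    """Report step: a plain-text summary an auditor can read."""
    lines = [f"Lines received: {summary['total']}  (unparsed: {summary['unparsed']})"]
    for host, n in sorted(summary["failed_logons"].items()):
        lines.append(f"  {host}: {n} failed logon(s)")
    return "\n".join(lines)


if __name__ == "__main__":
    recs = collect(SAMPLE_LINES)
    print(report(analyse(recs)))
    print("archive digest:", archive(recs)["sha256_of_raw"])
```

The design choice worth noting is that `archive()` stores the raw line next to the parsed fields and hashes the raw text: that is the cheap way to keep the "original vs. reformatted" distinction from the earlier post visible in the store, even when a syslog agent rather than the native .evt file is the source. Lines that fail to parse are counted and kept rather than dropped, so a gap in coverage shows up in the report instead of disappearing.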
shahrial commented:
> My question is any other product available in the market that can serve both Windows and Unix?
Not that I know of, but you can customise. Below are some links to resources.

syslog Client Configs for Windows/Non-UNIX
http://www.loganalysis.org/sections/syslog/windows-to-syslog/

Logging via Syslog
http://www.practicallynetworked.com/support/syslog.htm

Hope it's useful...;-)
0
shahrial commented:
Here's another article which may be useful for you.

How to Monitor Windows NT from Unix
http://www.aplawrence.com/Reviews/NTSyslog.html
0