snowmizer
asked on
Log management appliances/software
Are there any SIEM log management appliances that allow the user to export the data captured to it's native format (e.g. Windows event log data captured in the appliance exported from the appliance back into the native Windows event log format)?
I have heard that RSA Envision can do this yet I can't find anything to tell me the allowable export formats from this appliance. Has anyone come across any legal cases where they have been asked to provide log data in its native format? I have heard that there are laws written that state that this is the case but I don't know the exact law or how people are getting around this.
Thanks.
I have heard that RSA Envision can do this yet I can't find anything to tell me the allowable export formats from this appliance. Has anyone come across any legal cases where they have been asked to provide log data in its native format? I have heard that there are laws written that state that this is the case but I don't know the exact law or how people are getting around this.
Thanks.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
as compared to other SIEM appliance or tools, they either rely on Oracle Database, MS SQL, or MySQL database basically any RDBMS, however with RSA it is purely in Native RAW format.
I hope this helps.
which compliance regulation are you dealing with, SOX,HIPAA,FISMA..?
hope this may help.