Solved

Server security alerts monitoring

Posted on 2011-09-28
6
452 Views
Last Modified: 2013-11-29
I am looking for a effiective way to monitor  server logs  and if a certain event occurs it will send an alert (security etc). I would preffer a none paid version soluction. I know that performance monitor can do some alerts.....
OS: server 2003
Any suggestions?
0
Comment
Question by:Neal_876
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
6 Comments
 
LVL 8

Assisted Solution

by:moonie42
moonie42 earned 250 total points
ID: 36716411
I would look into SysLog (http://www.syslog.org/).  Originally developed for the *NIX world, but supports Windows as well.  It's quite robust, and will allow you to aggregate logs from multiple servers/workstations/devices, and run reporting on them.  There are add-ons to SysLog to enhance it's capabilities (i.e. AlertManager - http://www.syslog.org/wiki/Main/AlertManager) that should provide you with the functionality you're looking for.
0
 
LVL 25

Assisted Solution

by:madunix
madunix earned 250 total points
ID: 36718414
I prefer to work with Open-source... so my recommendation would be  nagios (I use it in my env.), awarded Platform ..winner of numerous awards and highly recognized, Nagios is the leader in Open Source IT infrastructure monitoring....but you can find other multiple monitoring tools:
http://www.groundworkopensource.com GroundWork Monitor Enterprise
http://www.hyperic.com Hyperic HQ
http://www.icinga.org Icinga
http://oss.oetiker.ch/mrtg/  mrtg
http://www.nagios.com Nagios
http://www.n-able.com N-central
http://www.op5.com op5 Monitor
http://www.open-itcockpit.com openITCockpit
http://www.opennms.org OpenNMS
http://www.hp.com/de/bto HP OpenView
http://www.bmc.com BMC PATROL ProactiveNet Performance Management
http://www.shinken-monitoring.org Shinken
http://www.ibm.com/software/de/tivoli IBM Tivoli
http://www.ca.com/de CA Unicenter
http://www.whatsupgold.com WhatsUp Gold
http://www.zabbix.com Zabbix
http://www.zenoss.com Zenoss Enterprise

My recommendation for a useful solution for syslog  and data correlation solutions:
Splunk http://www.splunk.com/ 
Cisco CS-MARS http://www.cisco.com/en/US/products/ps6241/index.html
Sawmill:  http://www.sawmill.net
Paglo:  http://paglo.com
Q1 Labs (offers free VM version):  http://www.q1labs.com/qradar-slim-fe
Manage Engine with OpManager:  http://www.manageengine.com

look @ http://www.linuxjournal.com/article/5476 and
http://blogs.splunk.com/2008/11/13/syslog-syslog-ng-and-splunk-forwarders/
0
 

Accepted Solution

by:
Neal_876 earned 0 total points
ID: 36941856
Thank you both for responding... I am checking out the different soluctions

Is the Syslog software free from syslg.org? It does not seems that way..
0
 

Author Comment

by:Neal_876
ID: 37216230
Sorry for the delay in responding. My project was rescheduled so I did not get to try all of the solution but I think I will be using one of the open sources.
0
 

Author Closing Comment

by:Neal_876
ID: 37236427
Thank you!
0

Featured Post

Now Available: Firebox Cloud for AWS and FireboxV

Firebox Cloud brings the protection of WatchGuard’s leading Firebox UTM appliances to public cloud environments. It enables organizations to extend their security perimeter to protect business-critical assets in Amazon Web Services (AWS).

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If you are looking at this article, you have most likely been hit by some version of ransomware and are trying to find out if there is anything you can do, or what way you should react - READ ON!
Do you know what to look for when considering cloud computing? Should you hire someone or try to do it yourself? I'll be covering these questions and looking at the best options for you and your business.
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…

726 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question