Solved

Log management

Posted on 2014-01-20
Last Modified: 2016-03-28
I have been tasked to collect firewall logs, IDS logs and server logs to examine them using an application looking for information. How do I set up the collection of these logs, and where do I install the log application?
0
Question by:SydNal2009
7 Comments
 
LVL 4

Assisted Solution

by:tmx84
tmx84 earned 1332 total points
ID: 39794415
Very general question, will need more info. What OS? I see it's Windows; Windows Firewall or a 3rd party? What IDS? Each software collects its own logs, as long as it's enabled, and will store them in different locations... Please give more info!
0
 

Author Comment

by:SydNal2009
ID: 39794468
My apologies for being so general. I meant to explain that I will need a central point where the logs are sent, i.e. 3rd party firewall log, NIDS log and Windows server log. From that central location can I use an application to examine them. I need to know how to set up this environment; where do I install the log app in question?
0
 
LVL 4

Assisted Solution

by:tmx84
tmx84 earned 1332 total points
ID: 39794503
Where you install the "log app" shouldn't really make a difference as long as you tell the program where the logs are located. Are you trying to do live scans? Daily scans? etc. I mean, do you need to move the log file?

The Log Management App should be able to collect and analyze on its own, as long as it's set up properly.

Do you know what app you are going to be using?
0

 

Author Comment

by:SydNal2009
ID: 39794717
I don't know which app to use; any suggestion is welcomed. I also will need to move the log file. Can you also do reporting using the app? If so, do you know how to do reporting?
I definitely would want to do live scans. Is there a difference between live scans vs daily scans, and why would you do one over the other?
0
 
LVL 37

Accepted Solution

by:
bbao earned 668 total points
ID: 39795869
You may try ArcSight Logger for free from HP.

"HP ArcSight Logger is a universal log management solution that unifies searching, reporting, alerting, and analysis across any type of enterprise log data making it unique in its ability to collect, analyze, and store massive amounts of data generated by modern networks. It supports multiple deployments such as an appliance, software, virtual machine, and within the cloud in both Windows and Linux environment"

http://www.arcsight.net/products/products-logger/

http://h20195.www2.hp.com/V2/GetPDF.aspx%2F4AA4-1065ENW.pdf
0
 

Expert Comment

by:Irit Gillath
ID: 40355167
You should also try Stackify (www.stackify.com); it will aggregate all your logs per application. The logs there will clearly mark errors and will provide you all the logs related to an error.
0
 

Expert Comment

by:Naomi Goldberg
ID: 41467922
Users on IT Central Station also use Stackify for log management. This user writes, "I like how Stackify combines capabilities that otherwise required us to use separate tools." You can read the rest of his review here: https://www.itcentralstation.com/product_reviews/stackify-review-32175-by-james-cooper

Members of our community that were interested in solutions such as Stackify also read reviews for LogRhythm.  This user writes that LogRhythm has "brought all of our devices into one area, so I am able to understand and manage all of our devices and understand what is going on with an individual device."  You can see what else he has to say about LogRhythm here: https://goo.gl/L5oZV5.
0
