Emerging Technologies - has Vendor Participation


Follow-Up to Log Collection and Reporting Open Mic Session

By Kevin Svec posted 04-21-2015 14:18

  
All firms today have servers, workstations, laptops, network equipment, printers and other networked devices. Almost all of these devices are capable of reporting application, system and audit events. Does your firm need to do anything with this information, and if so, how should it be collected and filtered into legible reports? There are numerous solutions available to perform these functions, and a few of the well-known solutions are listed below.

Today there was an open mic discussion regarding log collection and reporting. Eric Richards did an excellent job explaining one of the most widely used applications, "Splunk". This solution is capable of collecting everything from the most basic to the most intricate information, and of generating legible reports and alerts based on predefined criteria. Splunk can also be expanded with "bolt-on" applications to extend its reach into almost any network-connected device.

Other solutions mentioned included Nagios, NetCrunch, SpectorSoft Log Manager, LANsweeper, and more. Links to each of these mentioned solutions are below. There is a solution to fit any budget.

Splunk Log File Collection and Reporting
http://www.splunk.com/

Splunk - Free e-Book on Getting Started with Splunk
http://www.splunk.com/goto/book

NetCrunch by AdRem Software
http://www.adremsoft.com/netcrunch/

SpectorSoft Log Manager
http://www.spectorsoft.com/products/log-manager/

LANsweeper
http://www.lansweeper.com/

Solutions Built with the ELK Stack
https://www.elastic.co/products

The Bro Network Security Monitor
https://www.bro.org/

Enterprise Log Search and Archive (ELSA)
https://github.com/mcholste/elsa

Security Onion - IDS/NSM, Snort, Suricata, Bro, Sguil, Squert, Snorby, ELSA, Xplico
http://sourceforge.net/projects/security-onion/
https://www.snort.org/
http://www.openinfosecfoundation.org/

LogStash
http://logstash.net/

Spiceworks
http://www.spiceworks.com/



#Security