Comments on TaoSecurity Blog: Forensics Warnings from CIO Magazine
Richard Bejtlich

Anonymous, 2006-05-02 00:07:
Now that you tried Splunk, try LogLogic. It does everything that Splunk does plus reports, anomaly detection, etc.

Anonymous, 2006-04-26 22:38:
I have tried Splunk. Works great on PIX, Linux, Solaris, Apache and Windows logs. The searches are really fast. They have just recently released the current FreeBSD version. It was a few versions behind last week. I read one post on their forum about issues with FreeBSD 6.0 but it should work fine on 5.x. The folks at Splunk are great and very interested in working / talking to the community. The free version will index 500 MB per day.

Anonymous, 2006-04-26 13:00:
And while you are learning forensics, make sure to get your private investigator's license!

See http://www.securityfocus.com/columnists/399/3
for details.

This blog post and Rasch's article are great complements to each other.