[CALUG] Next Meeting Reminder.
Sean Wilkerson
sean at seanandheather.com
Sun Oct 7 12:25:37 EDT 2007
Randy,
Good question. Willie provided a precise answer when considering the
traditional SIM. In fact I think my 3rd slide is titled "SIM, SEM,
SIEM." One of the important arts of the discussion is to better
understand what a SIM really is and understand how the term SIM is
evolving to include a wider range of services which don't all fit into
the traditional SIM definition. This has been quite confusing for the
SIM consumer, and "muddies the waters" so to speak, IMHO.
Hopefully the talk will help shed some light on a few of these issues,
and a resulting discussion might help us all understand:
- What a SIM really is?
- When Auditors/Regulatory Compliance requires central log management
what are they really asking for?
AND OF COURSE
- What of these services can we do our own with FOSS?
Sean
randy wrote:
> Sean Wilkerson wrote:
>
>> Title: Before you SIM
>> Desc: A look at central log collection DOs and DON'Ts. We will discuss
>> what really is a SIM, and whether or not you need one. Finally, we will
>> cover how to prepare for deploying a SIM (or some other log collection
>> service) including rolling your own central log collector.
>
> Could someone define SIM in this context?
>
> Thanks!
>
> randy
>
> _______________________________________________
> CALUG mailing list
> CALUG at unknownlamer.org
> http://unknownlamer.org/cgi-bin/mailman/listinfo/calug
>
More information about the CALUG
mailing list