New draft standards

Joe Wulf joe_wulf at yahoo.com
Mon Dec 14 16:38:23 UTC 2015


Steve,
The last place I was at heavily used Splunk and then transitioned to dual-routing a substantial portion of the logs from across the infrastructure to ELK, as well.
-Joe
From: Steve Grubb <sgrubb at redhat.com>
To: F Rafi <farhanible at gmail.com>; "linux-audit at redhat.com" <linux-audit at redhat.com>
Sent: Monday, December 14, 2015 10:34 AM
Subject: Re: New draft standards
   
But I guess this gives me an opportunity to ask the community what tools they 
are using for audit log collection and viewing? It's been a couple years since 
we had this discussion on the mail list and I think some things have changed.

Do people use ELK?
Apache Flume?
Something else?

It might be possible to write a plugin to translate the audit logs into the 
native format of these tools.



-Steve



  