Opensource Log Analysis : OSSIM

5th March 2009

Do you want your organization to comply with strict audit rules but don't want to pay heavily for commercial products? Or do you want to analyze the large volume of log data produced by your network devices and servers? Then OSSIM is for you.

OSSIM stands for Open Source Security Information Management. Its features include the following:
 
  •   Time stamp and encrypt syslogs
  •   Correlation based on custom rules
  •   Agent based log collection from windows hosts
  •   Real-time correlation and alerting
  •   MAC address anomaly detection
  •   Web based application with access control 
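To show what "correlation based on custom rules" and "MAC address anomaly detection" mean in practice, here is a small added example in Python. It is not OSSIM's code and does not use OSSIM's directive syntax; it is a toy correlator with two rules, run over constructed syslog lines (the sshd and dhcpd messages below are made up for the demo). Rule one raises an alert when an SSH source address logs in successfully after at least three failed attempts within a sliding window; rule two keeps an IP-to-MAC table from DHCP acknowledgements and alerts when an address turns up with a different MAC than before. Thresholds, window length and the alert tuple layout are all assumptions chosen for the example.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample syslog lines for the demo (not captured from a real system).
SAMPLE_LOGS = """\
Mar  5 10:00:01 gw sshd[2201]: Failed password for root from 10.0.0.7 port 51000 ssh2
Mar  5 10:00:03 gw sshd[2203]: Failed password for root from 10.0.0.7 port 51001 ssh2
Mar  5 10:00:05 gw sshd[2205]: Failed password for root from 10.0.0.7 port 51002 ssh2
Mar  5 10:00:09 gw sshd[2207]: Accepted password for root from 10.0.0.7 port 51003 ssh2
Mar  5 10:01:00 gw dhcpd: DHCPACK on 10.0.0.20 to 00:11:22:33:44:55 via eth0
Mar  5 10:03:00 gw dhcpd: DHCPACK on 10.0.0.20 to 66:77:88:99:aa:bb via eth0
Mar  5 10:05:00 gw sshd[2301]: Failed password for admin from 10.0.0.9 port 40000 ssh2
Mar  5 10:30:00 gw sshd[2305]: Accepted password for admin from 10.0.0.9 port 40001 ssh2
"""

# Classic BSD syslog header: "Mon DD HH:MM:SS host message"
SYSLOG_RE = re.compile(r"^(?P<ts>\w{3}\s+\d{1,2} \d\d:\d\d:\d\d) (?P<host>\S+) (?P<msg>.*)$")
SSH_RE = re.compile(r"(?P<result>Failed|Accepted) password for (?P<user>\S+) from (?P<ip>\S+)")
DHCP_RE = re.compile(r"DHCPACK on (?P<ip>\S+) to (?P<mac>[0-9a-fA-F:]{17})")


def parse_line(line):
    """Return (timestamp, host, message) or None for lines that are not syslog-shaped."""
    m = SYSLOG_RE.match(line)
    if not m:
        return None
    # Collapse the double space in "Mar  5" so strptime accepts it; year is irrelevant for deltas.
    ts = datetime.strptime(" ".join(m.group("ts").split()), "%b %d %H:%M:%S")
    return ts, m.group("host"), m.group("msg")


class Correlator:
    """Tiny stateful rule engine. The two rules are illustrative, not OSSIM directives."""

    def __init__(self, fail_threshold=3, window=timedelta(seconds=60)):
        self.fail_threshold = fail_threshold      # assumed threshold for the demo
        self.window = window                      # assumed sliding window for the demo
        self.failures = defaultdict(deque)        # src ip -> timestamps of recent failed logins
        self.ip_to_mac = {}                       # ip -> last MAC seen leasing that address
        self.alerts = []

    def feed(self, line):
        parsed = parse_line(line)
        if parsed is None:
            return
        ts, host, msg = parsed
        self._rule_bruteforce_then_success(ts, host, msg)
        self._rule_mac_change(host, msg)

    def _rule_bruteforce_then_success(self, ts, host, msg):
        m = SSH_RE.search(msg)
        if not m:
            return
        ip = m.group("ip")
        recent = self.failures[ip]
        # Expire failures that fell out of the sliding window.
        while recent and ts - recent[0] > self.window:
            recent.popleft()
        if m.group("result") == "Failed":
            recent.append(ts)
        elif len(recent) >= self.fail_threshold:
            self.alerts.append(("BRUTEFORCE_SUCCESS", host, ip, m.group("user"), len(recent)))
            recent.clear()

    def _rule_mac_change(self, host, msg):
        m = DHCP_RE.search(msg)
        if not m:
            return
        ip, mac = m.group("ip"), m.group("mac").lower()
        previous = self.ip_to_mac.get(ip)
        if previous is not None and previous != mac:
            self.alerts.append(("MAC_CHANGE", host, ip, previous, mac))
        self.ip_to_mac[ip] = mac


def run(logs=SAMPLE_LOGS):
    """Feed every line through the correlator and return the alerts it raised."""
    c = Correlator()
    for line in logs.splitlines():
        c.feed(line)
    return c.alerts


if __name__ == "__main__":
    for alert in run():
        print(alert)
```

Running it against the sample produces two alerts: the root login on 10.0.0.7 after three failures inside the window, and the MAC change on 10.0.0.20. The admin login from 10.0.0.9 is not flagged because its single failure is 25 minutes old, which is the reason the window matters: without expiry, any stale failures would eventually pair with an unrelated success.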

OSSIM is available as an ISO download from http://ossim.net/ 

Screenshots are available from http://ossim.net/screenshots.php

A good tutorial series on OSSIM available from http://www.alienvault.com/blog/dk
