Increasing demands on IT are forcing organizations to rethink their data center options. For many organizations, that means turning to the flexibility afforded them by outsourced cloud solutions, which can provide exponential cost savings.
Today's constantly evolving advanced malware and APTs can evade point-in-time defenses to penetrate networks. Security professionals must evolve their strategy in lockstep to confront these advanced threats before, during and after attacks.
We like AWStats for general log monitoring, but AWStats doesn't do security log analysis -- for that we use Splunk. If you haven't heard of Splunk, stop reading and check it out; it is simply unmatched as a security log analysis tool. Grab traps, alerts, and syslog and SNMP data, and once you have the data, Splunk lets you graph and search it quickly via a simple, browser-like interface. In addition to helping you spot potential threats and dangerous trends, Splunk can aid compliance efforts, alert you on thresholds you set, and generate nice reports of your findings.