A Wetpaint Site | TV Fandex 100

Sign in to Wetpaint

Sign in or

Location: TechWiseTV

Discussion: CSMARS

Category: Discussion Forum / General Discussion

Report thread
Watch thread
Share this

Showing 4 posts

ru1ofus	CSMARS Feb 25 2008, 3:35 PM EST Is Cisco MARS a good solution for Windows syslog aggregation? Post reply 1 out of 1 found this valuable. Do you find this valuable? Do you? Keyword tags: None
JimmyRay10acn	1. RE: CSMARS Feb 26 2008, 6:05 PM EST You could indeed do this with MARS, but MARS is also much more then just that piece. You can config MARS to take action on those entries as well. When I config MARS for Windows logging, I use SNARE to push the logs to CS-MARS. It works much better that way and purdy darn close to real time Post reply Do you find this valuable?
baddogsettle	2. RE: CSMARS Apr 3 2008, 2:41 PM EDT \| Post edited: Apr 3 2008, 2:41 PM EDT We are using SCOM (MOM 2007) which archives server security events to a SQL database. Can MARS leverage this as a feed for coorelation and reporting? Post reply Do you find this valuable?
JimmyRay10acn	3. RE: CSMARS Apr 3 2008, 3:25 PM EDT \| Post edited: Apr 3 2008, 3:25 PM EDT There is an install method in the CS-MARS manual for config'ing CS-MARS with MS-SQL. You will still need to go thru and add the corrolation piece so that the entries are understood. Post reply Do you find this valuable?

JavaScript must be enabled in order for you to contribute to this site.
To start contributing, enable JavaScript by changing your browser options, then try again.

Home