A Wetpaint Site

Sign in to Wetpaint

Already a member?
Sign in

Welcome! This is a website that everyone can build together. It's easy!

Location: TechWiseTV

Discussion: CSMARS

Keyword tags:

Watch

ru1ofus ru1ofus	CSMARS Feb 25 2008, 3:35 PM EST Is Cisco MARS a good solution for Windows syslog aggregation? Post reply 1 out of 1 found this valuable. Do you find this valuable? Do you?
JimmyRay10acn	RE: CSMARS Feb 26 2008, 6:05 PM EST You could indeed do this with MARS, but MARS is also much more then just that piece. You can config MARS to take action on those entries as well. When I config MARS for Windows logging, I use SNARE to push the logs to CS-MARS. It works much better that way and purdy darn close to real time Post reply Do you find this valuable?
baddogsettle baddogsettle	RE: CSMARS Apr 3 2008, 2:41 PM EDT We are using SCOM (MOM 2007) which archives server security events to a SQL database. Can MARS leverage this as a feed for coorelation and reporting? Post reply Do you find this valuable?
JimmyRay10acn	RE: CSMARS Apr 3 2008, 3:25 PM EDT There is an install method in the CS-MARS manual for config'ing CS-MARS with MS-SQL. You will still need to go thru and add the corrolation piece so that the entries are understood. Post reply Do you find this valuable?

JavaScript must be enabled in order for you to contribute to this site.
To start contributing, enable JavaScript by changing your browser options, then try again.

Site pages

Home

Top Contributors