±Your Account
Membership:
New Today: 3
New Yesterday: 7
Overall: 24184
Visitors: 97±Latest Webinar
±Latest Articles
· Geo-tagging & Photo Tracking On iOS
· KS – an open source bash script for indexing data
· Mobile Device Geotags & Armed Forces
· Categorization of embedded system forensic collection methodologies
· Interpretation of NTFS Timestamps
· What are ‘gdocs’? Google Drive Data – part 2
· What are ‘gdocs’? Google Drive Data
· Bad Sector Recovery
· Forensic Artifact: Malware Analysis in Windows 8
· Windows 8: Important Considerations for Computer Forensics and Electronic Discovery
· KS – an open source bash script for indexing data
· Mobile Device Geotags & Armed Forces
· Categorization of embedded system forensic collection methodologies
· Interpretation of NTFS Timestamps
· What are ‘gdocs’? Google Drive Data – part 2
· What are ‘gdocs’? Google Drive Data
· Bad Sector Recovery
· Forensic Artifact: Malware Analysis in Windows 8
· Windows 8: Important Considerations for Computer Forensics and Electronic Discovery
±Follow Us
±Latest Jobs
Back to top
Skip to content
Skip to menu
Back to top
Back to main
Skip to menu
Splunk alternatives
Splunk alternatives
Posted: Wed Feb 13, 2013 6:46 am
Hey guys,
I'm looking for a good, freeware alternative for Splunk. I'm more than OK with an open source solution.
In my search, I stumbled upon the ManageEngine EventLog Analyzer which is quite good, but not exactly what I'm looking.
I would love to hear with what tools you are working for log analysis and aggregation.
Thanks
I'm looking for a good, freeware alternative for Splunk. I'm more than OK with an open source solution.
In my search, I stumbled upon the ManageEngine EventLog Analyzer which is quite good, but not exactly what I'm looking.
I would love to hear with what tools you are working for log analysis and aggregation.
Thanks
-
WarlocK88 - Member
Re: Splunk alternatives
Posted: Thu Feb 28, 2013 9:01 am
Try Kiwi Syslog server. The free version is good, but doesn't come with the agent software. You can get round this by setting up SNMP trapping. Which leads to the question as to what it is your're monitoring, servers, network devices, both?
SNMP works well for network devices, not so great in my opinion on windows machines. An agent software like Snare (free) is pretty good and combined with Kiwi Syslog offers a pretty decent syslog system in all.
In terms of log analysis, not familiar with any decent freeware tools besides splunk. You could always learn a scripting language like Perl, which isn't too hard, tons of free tutorials out there, and great for log analysis.
SNMP works well for network devices, not so great in my opinion on windows machines. An agent software like Snare (free) is pretty good and combined with Kiwi Syslog offers a pretty decent syslog system in all.
In terms of log analysis, not familiar with any decent freeware tools besides splunk. You could always learn a scripting language like Perl, which isn't too hard, tons of free tutorials out there, and great for log analysis.
-
Migs - Newbie
Re: Splunk alternatives
Posted: Fri May 10, 2013 9:55 am
Post is old, but for reference you might also be of interest in ELSA (dev now supported by Mandiant).
ELSA
code.google.com/p/ente...d-archive/
ELSA
code.google.com/p/ente...d-archive/
-
wexxlar - Newbie
