[netsa-tools-discuss] How to integrate siem (syslog server) with silk

Mark Thomas mthomas at cert.org
Thu Oct 15 13:07:51 EDT 2015


If you are looking for something to do automated analysis of
incoming records, take a look at Analysis Pipeline.
http://tools.netsa.cert.org/analysis-pipeline/index.html

-Mark


On Mon, 12 Oct 2015 23:32:55 +0500, asad wrote:

> Hey,
>
> I want to know whether there is any mechanism which will allow SiLK tool set
> results, i.e. rwfilter, rwstats, to be shipped to a SIEM for advanced analysis.
>
> I know much can be done using "PySiLK" however in place of already existing
> siem I don't feel the need to use it.
>
> /var/log/rwflowpack are not very intrusive. Does "silk" come with some
> "alert module"? I can use the syslog service to send logs to a remote system.
>
> regards
> Asad

