[netsa-tools-discuss] How to integrate siem (syslog server) with silk
asad
a.alii85 at gmail.com
Tue Oct 20 02:34:11 EDT 2015
Thanks Mark, this is so great, makes my job so easy :).
On 10/15/15, Mark Thomas <mthomas at cert.org> wrote:
> If you are looking for something to do automated analysis of
> incoming records, take a look at Analysis Pipeline.
> http://tools.netsa.cert.org/analysis-pipeline/index.html
>
> -Mark
>
>
> On Mon, 12 Oct 2015 23:32:55 +0500, asad wrote:
>
>> Hey,
>>
>> I want to know if there is any mechanism which will allow SiLK tool set
>> results, i.e. rwfilter, rwstats, to be shipped to a SIEM for advanced analysis.
>>
>> I know much can be done using "PySiLK"; however, in place of an already
>> existing SIEM I don't feel the need to use it.
>>
>> /var/log/rwflowpack are not very intrusive. Does "silk" come with some
>> "alert module"? I can use the syslog service to send logs to a remote system.
>>
>> regards
>> Asad
>
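
Added example, not part of the original thread and not code from the SiLK project: one way to turn delimited rwcut text into key=value syslog messages that a SIEM can parse. The field list, the rwcut invocation named in the comment, the `silk_flow` tag, the collector address and the sample records are all assumptions constructed for illustration.

```python
import logging
import logging.handlers

# Assumed field order, matching an rwcut invocation such as:
#   rwcut --fields=sIP,dIP,sPort,dPort,protocol,packets,bytes,sTime \
#         --delimited='|' --no-titles
FIELDS = ["sIP", "dIP", "sPort", "dPort", "protocol", "packets", "bytes", "sTime"]

# Constructed sample input (documentation addresses), including one bad line.
SAMPLE_RWCUT = """\
192.0.2.10|198.51.100.7|51514|443|6|12|3400|2015/10/12T23:32:55.000
192.0.2.11|198.51.100.9|40022|53|17|1|76|2015/10/12T23:33:01.120
truncated|line
"""

def parse_rwcut(text):
    """Return one dict per well-formed record; skip blank or malformed lines."""
    records = []
    for line in text.splitlines():
        line = line.strip()
        if not line:
            continue
        values = [v.strip() for v in line.rstrip("|").split("|")]
        if len(values) != len(FIELDS):
            continue  # wrong column count: do not forward partial records
        records.append(dict(zip(FIELDS, values)))
    return records

def to_message(rec):
    """Render a record as a flat key=value line (tag 'silk_flow' is hypothetical)."""
    return "silk_flow " + " ".join(f"{k}={rec[k]}" for k in FIELDS)

def ship(text, address=("127.0.0.1", 514)):
    """Send each record to a syslog collector over UDP; return the messages sent."""
    handler = logging.handlers.SysLogHandler(address=address)
    log = logging.getLogger("silk2syslog")
    log.setLevel(logging.INFO)
    log.addHandler(handler)
    messages = [to_message(r) for r in parse_rwcut(text)]
    for msg in messages:
        log.info(msg)
    log.removeHandler(handler)
    handler.close()
    return messages

if __name__ == "__main__":
    for m in ship(SAMPLE_RWCUT):
        print(m)
```
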