RightScale Blog

Cloud Management Blog
Cloud Management Blog

Add new comment

I'll be talking a bit more about OSSEC and CloudPassage on the webinar 2/5/2013. As for the SIEM stuff, all the ones you mentioned work. But they don't all solve the same problem. Back to the "Why?" will determine if those will meet your needs. Splunk is a great tool, but so is Sumo Logic (especially if you are in AWS). I don't have any experience with Loggy, but have heard good things. As a side note, I am looking at Sumo Logic for some future projects. Join the webinar in a next week, and I may be able to provide more insight. Traditional SIEM can work for IaaS, but you need to do it right, and the SIEM tool needs to have the ability to run in an IaaS environment. Network communications and licensing have some interesting twists and turns.
Posted by Phil Cox   Ι   January 29, 2013   Ι   10:46 AM