Senior Director and Senior Systems Engineer (Dual Role), IT Infrastructure and Security at a financial services firm with 51-200 employees
Feb 13, 2023
Syslog-ng has built-in features that we can use to create alerts for a SIEM solution. It isn't a true SIEM solution, but it's sufficient for the time being.
Syslog-ng provides easy access to all my logs. It helps me show managers and other clients precisely where an incident occurred. I also like it because you can integrate syslog-ng with multiple solutions to allow real-time monitoring.
It's hard to find people who know how to use syslog-ng. I often find problems with configurations, and solutions aren't integrated correctly with syslog-ng. For example, there might be data with extra decimals, or the collector agents are incorrectly named. It isn't a problem with the solution; it's a lack of professionals.