My Ideal Logging Server is You, Splunk.

I had been researching logging servers, called security information and event management (SIEM), at Gartner for many days.

There were a lot more solutions than I expected in the SIEM area.

Splunk, LogRhythm, SolarWinds (Kiwi Syslog), ManageEngine, McAfee, IBM, FireEye, etc.

But among them, the most interesting part was the offer of 500MB free daily for a lifetime and a diversity of apps.

Other vendors mostly support only a limited trial period or only a limited number of hosts, and are customized only for a specific purpose.

Furthermore, Splunk supports a web browser interface and surprising filtering functions.

One critical weakness was that after some period, the login function disappeared.

It means anybody can see the logged events.

But as I am a network engineer, I could handle it with an ACL on a switch, or a firewall.

Of course, I will strongly recommend SPLUNK to my customer when there is an opportunity for purchase. DO NOT HATE ME, SPLUNK.