[siem-users] IaaS/PaaS logs -> on-premise SIEM?

Anton Chuvakin anton at chuvakin.org
Tue Jan 24 18:51:11 UTC 2012


All,

I suspect y'all slept thru my previous attempt to start this
discussion. As my 2nd attempt to wake up this esteemed list, here is a
fun question, or, rather, a whole bunch of them:

- do any of you (or others that you heard about) send logs from public
cloud IaaS instances (such as EC2) or even PaaS apps to your
on-premise SIEM?
- if yes, how's it working? what's the volume of data? what are the issues?
- if you don't do it, what do you think about such an approach in
general? will it work for large environments, in your opinion? is it
future-proof?

As you can see, I tried very hard to avoid leading questions (and
avoided mentioning SaaS log mgt / SIEM, flume, hadoop, etc, etc) since
I am genuinely curious....

Additional coverage of this question can be found here:
http://blogs.gartner.com/anton-chuvakin/2012/01/09/cloud-security-monitoring/

Best,
--
Dr. Anton Chuvakin
Site: http://www.chuvakin.org
Twitter: @anton_chuvakin
Work: http://www.linkedin.com/in/chuvakin

