[nsp] Syslog Corelation ect
Andrew Fort
afort at choqolat.org
Tue Nov 4 20:30:49 EST 2003
Kevin Gannon wrote:
>We currently use Netcool to manage all our syslog data which runs at
>about 40k lines of log a day. However Netcool is starting to cripple us
>with support costs.
>
>We are looking for a similar system with a GUI that NOC operators
>can use. We are looking for something a bit more than "swatch".
>Ideally a competing product that doesnt cost the same as a GSR.
>
>Of course it must run on UNIX (Sun).
>
>
Kevin,
Although it's still a roll your own solution, SEC (simple event
correlator) is worth a look if you have someone there with enough time
and Perl skills to roll it up into some HTML reports for your folks.
Perhaps you can justify the time versus the capex/opex spent on Netcool.
See <http://www.estpak.ee/~risto/sec/>
-cheers
More information about the cisco-nsp
mailing list