Hey all, got a quick question!

I want to receive, parse and store syslogs from various devices on my home network on my Windows box. I know, I know, it's a bit backwards, but I'd like to proceed with this sort of setup if possible (not against discussion, of course).

I've looked and looked for options, but it seems like everything has been bare bones and basically just receives, or is locked behind premium. Surely there's some sort of solution out there, no? I'd be willing to implement something in Python if I need to, but I'm considerably more hesitant about that compared to using an open source solution.

Thanks for your time, looking forward to discussing/learning more!
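An added example, not code from the original post, of the receive/parse/store pipeline described above in stdlib-only Python: a UDP listener, a parser that handles both the RFC 3164 (BSD) and RFC 5424 syslog formats, and SQLite storage through parameterized statements. The sample messages, hostnames and addresses are constructed for illustration. Two practitioner caveats are built in: syslog over UDP is plaintext and unauthenticated, so the `host` field in a message is self-reported and the source address is spoofable (the peer address is stored separately, and message content is treated as untrusted input that never reaches a SQL string); and unparseable datagrams are kept with `format='unknown'` rather than dropped, since a device that sends malformed syslog is exactly the one you want a record of.

```python
"""Minimal syslog receiver / parser / store (stdlib only, Python 3.8+)."""
import re
import socket
import sqlite3
from datetime import datetime, timezone

MAX_PRI = 191  # RFC 5424: facility 0..23 * 8 + severity 0..7

# RFC 3164 (BSD) style: "<PRI>Mmm dd hh:mm:ss host tag[pid]: msg" (tag optional)
RFC3164_RE = re.compile(
    r"^<(?P<pri>\d{1,3})>"
    r"(?P<ts>[A-Z][a-z]{2} [ \d]\d \d\d:\d\d:\d\d) "
    r"(?P<host>\S+) "
    r"(?:(?P<tag>[^:\[\s]+)(?:\[(?P<pid>\d+)\])?: ?)?"
    r"(?P<msg>.*)$",
    re.DOTALL,
)
# RFC 5424 style: "<PRI>1 TIMESTAMP HOST APP PROCID MSGID SD msg"
# (structured-data parsing is simplified: escaped ']' inside params is not handled)
RFC5424_RE = re.compile(
    r"^<(?P<pri>\d{1,3})>1 "
    r"(?P<ts>\S+) (?P<host>\S+) (?P<app>\S+) (?P<pid>\S+) (?P<msgid>\S+) "
    r"(?P<sd>-|(?:\[[^\]]*\])+)"
    r"(?: (?P<msg>.*))?$",
    re.DOTALL,
)

# Constructed sample datagrams (not real captures).
SAMPLES = [
    b"<38>Feb  3 09:12:01 router01 sshd[2211]: Accepted publickey for admin from 192.168.1.20 port 51344",
    b'<165>1 2024-02-03T09:12:02.117Z nas01 smbd 4120 ID47 [meta seq="12"] connection from 192.168.1.35 rejected',
    b"<13>Feb  3 09:12:03 switch01 link up on port 7",   # BSD style, no tag
    b"<999>this PRI is out of range; keep it but mark as unknown",
]


def parse_syslog(raw: bytes) -> dict:
    """Parse one datagram. Never raises: unparseable input is returned as
    format='unknown' with the raw text so it is stored, not silently lost."""
    text = raw.decode("utf-8", errors="replace").rstrip("\r\n")
    rec = {"format": "unknown", "facility": None, "severity": None,
           "host": None, "app": None, "pid": None, "msg": text, "raw": text}
    m = RFC5424_RE.match(text) or RFC3164_RE.match(text)
    if not m or int(m.group("pri")) > MAX_PRI:
        return rec
    pri = int(m.group("pri"))
    rec.update(facility=pri // 8, severity=pri % 8, host=m.group("host"))
    if m.re is RFC5424_RE:
        pid = m.group("pid")
        rec.update(format="rfc5424", app=m.group("app"),
                   pid=None if pid == "-" else pid, msg=m.group("msg") or "")
    else:
        rec.update(format="rfc3164", app=m.group("tag"), pid=m.group("pid"),
                   msg=m.group("msg"))
    return rec


SCHEMA = """CREATE TABLE IF NOT EXISTS syslog (
    id INTEGER PRIMARY KEY, received_at TEXT NOT NULL, peer TEXT NOT NULL,
    format TEXT, facility INTEGER, severity INTEGER, host TEXT, app TEXT,
    pid TEXT, msg TEXT, raw TEXT NOT NULL)"""


def open_db(path: str = ":memory:") -> sqlite3.Connection:
    conn = sqlite3.connect(path)
    conn.execute(SCHEMA)
    return conn


def ingest(conn: sqlite3.Connection, data: bytes, peer: str) -> dict:
    """Parse and store one datagram. Placeholders only: log content is
    attacker-controlled and must never be formatted into the SQL text."""
    rec = parse_syslog(data)
    conn.execute(
        "INSERT INTO syslog (received_at, peer, format, facility, severity, "
        "host, app, pid, msg, raw) VALUES (?,?,?,?,?,?,?,?,?,?)",
        (datetime.now(timezone.utc).isoformat(), peer, rec["format"],
         rec["facility"], rec["severity"], rec["host"], rec["app"],
         rec["pid"], rec["msg"], rec["raw"]))
    conn.commit()
    return rec


def severity_counts(conn: sqlite3.Connection) -> dict:
    """Rows per severity (None = unparsed), a first query for a dashboard."""
    rows = conn.execute(
        "SELECT severity, COUNT(*) FROM syslog GROUP BY severity").fetchall()
    return {sev: n for sev, n in rows}


def serve(db_path: str = "syslog.db", bind: str = "0.0.0.0", port: int = 514):
    """Blocking UDP listener. Restrict reachability with the host firewall:
    anything that can reach this port can write arbitrary rows."""
    conn = open_db(db_path)
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as sock:
        sock.bind((bind, port))
        while True:
            data, (ip, _) = sock.recvfrom(65535)
            ingest(conn, data, ip)


if __name__ == "__main__":
    db = open_db()
    for sample in SAMPLES:
        print(ingest(db, sample, "192.168.1.1"))
    print(severity_counts(db))
```

Run it as a script to see the four constructed samples parsed into the in-memory table, or call `serve()` to listen on UDP 514 and write to `syslog.db`. A practical next step on the storage side is an index on `(host, received_at)` and a retention job, since home routers are chatty enough to fill a table quickly.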

  • @MSgtRedFox
    26 months ago

    I don't know of an open source solution for Windows, but I know of a really cool IDS solution that does syslog. It's going to be overkill, and there's a learning curve, but it's worth it if you're into this stuff.

    Check out Security Onion 2.4

    It’s Linux, but the install is kindergarten easy. Just download ISO, pick standalone mode.

    It has a web interface. The database is actually Elasticsearch.

    If you take the time to play with this thing, it will skill you up. It’s a fully scalable IDS.

    • @stevedidwhat_infosecOP
      26 months ago

      Interesting! It rings a bell for sure, and I could really just access the web interface from the Windows box as a workaround for the solution implementation I'm targeting. Thank you!