Using Splunk to eat ERA logs....

Discussion in 'Other ESET Home Products' started by kfinke, Nov 12, 2008.

Thread Status: Not open for further replies.
  1. kfinke (Registered Member; Joined: Jun 3, 2008; Posts: 4)

    For PCI compliance, we would like to use Splunk (www.splunk.com) to eat the threat, firewall, and update logs from ERA. Anyone ever done this?

    Splunk specializes in consuming text log files, but has lots of flexibility. It claims to be able to consume database inputs through a scripted input. I suppose if this is my only choice, I'll be able to write something to read the MDB file.

    What format are the files in the \storage folder in?

    Kevin
     
  2. agoretsky (Eset Staff Account; Joined: Apr 4, 2006; Posts: 4,032; Location: California)

    Hello,

    I'm not familiar with Splunk, but the next version of ESET Remote Administrator, which is currently in public beta, supports MySQL, MS-SQL and Oracle databases and is available here. Would it be easier to use that instead of working with the Jet database?

    Regards,

    Aryeh Goretsky
     