The vendor documentation is frequently the best place. However, the usual security resources (Security Focus, Security Portal, SANS, CSI) also have resources and white papers on how to harden systems and set up logging on them. There are a number of products that can help you with what you want to do. Axent (Secure Enterprise Manager), Cybersafe (Centrax) and Clicknet (Entercept) all make products that help you log and monitor your systems. Other products that help with producing logs and reports can be found from companies like Open.com, netForensics, and Intellitactics (www.itactics.com), which have products you might find useful for event correlation and reporting. Additionally, Counterpane has a service that monitors and reports security systems for you.
Dig Deeper on SIEM, log management and big data security analytics
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.