Solved

SIEM for private cloud

  • May 15, 2025
  • 9 comments
  • 73 views

Marcel.K

Hello,

I am looking for a SIEM with Veeam in private cloud - without sending logs to public cloud to analyze threats.

Something that could be isolated - logs cannot be sent to the internet/public cloud.

Maybe with some AI (as the main reason is to have an option to analyze logs for threats), which could update its signature from the internet, is possible.

Any suggestions are welcomed

thank you

coolsport00
  • Veeam Legend
  • 4903 comments
  • May 15, 2025

Hi @Marcel.K -

If memory serves, the only one I’m aware of for a private cloud option is Fortinet. Not sure how ‘mature’ they are. We tried them out for a little bit for a POC but decided to go with Splunk. My Security Admin tested out a few (Elastic was our 3rd option... but, like Splunk, is Public Cloud-based).

Best.


Chris.Childerhose
  • Veeam Legend, Veeam Vanguard
  • 9587 comments
  • May 15, 2025

Splunk is a great one which we use for this.  Also having the app for Veeam is great.


coolsport00
  • Veeam Legend
  • 4903 comments
  • May 15, 2025

Yeah, but Splunk is Public Cloud I believe...not private?


Chris.Childerhose
  • Veeam Legend, Veeam Vanguard
  • 9587 comments
  • Answer
  • May 15, 2025

Yeah, but Splunk is Public Cloud I believe...not private?

Nope we use it on premise no cloud.  😉


Dynamic
  • Veeam Vanguard
  • 496 comments
  • May 15, 2025

Maybe https://wazuh.com/ is an option for you. I saw an article from Ian Engelbrecht about it with VBR integration. Still have it on my things to check/do list..

https://www.mritsurgeon.co.za/2024/01/orchestrating-cybersecurity-resilience.html

 

Best, Markus


coolsport00
  • Veeam Legend
  • 4903 comments
  • May 15, 2025

Yeah, but Splunk is Public Cloud I believe...not private?

Nope we use it on premise no cloud.  😉

YAY!...I learned something new today 😂 Thanks Chris! ha


Chris.Childerhose
  • Veeam Legend, Veeam Vanguard
  • 9587 comments
  • May 15, 2025

Maybe https://wazuh.com/ is an option for you. I saw an article from Ian Engelbrecht about it with VBR integration. Still have it on my things to check/do list..

https://www.mritsurgeon.co.za/2024/01/orchestrating-cybersecurity-resilience.html

 

Best, Markus

Yeah Wazuh is a pretty good one.  Steep learning curve I found though and not very intuitive.


  • New Here
  • 1 comment
  • May 16, 2025

I would recommend Splunk or QRadar. I remember that QRadar supports local threat-analysis and it integrates with Veeam.


Marcel.K
  • Author
  • Veeam Legend
  • 297 comments
  • May 19, 2025

Hello coolsport00, Chris.Childerhose, teha, Dynamic,

Thank you very much for your answers.

I will try Splunk and QRadar and I will look at Wazuh, as they could be set up in an isolated environment and integration with Veeam is a good feature for them.