What Are You Doing Right Now

scottalanmiller

Watching Sleepy Hollow with @Dominica

Minion Queen

Just getting going today. Hope today is a better day.

Dashrender

Ug Windows updates slowing things down this morning.

thanksajdotcom

Found a $10 Newegg gift card in my email this morning straight from Newegg! Apparently they miss me...LOL

thanksajdotcom

Also, 52.1K views?! DANG!!

scottalanmiller

That's more than 2,000 views per day just on one thread!

scottalanmiller

Just up and working through email and back posts. Slept in a little this morning. How is everyone?

Reid Cooper

Good morning everyone and WOW that is a lot of people checking out this thread.

Reid Cooper

Not all that far from 2,000 posts in this thread too.

scottalanmiller

Good Morning, Reid.

scottalanmiller

Working on another article. Got one being posted today, I hope. And a few that I am working on.

thanksajdotcom

ELM issues...ELM issues as far as the eye can see...

scottalanmiller

Is it Dutch Elm Disease?

Reid Cooper

That stuff can spread like crazy.

thanksajdotcom

ELM = Enhanced Log Management. It's one component you can purchase as part of the SIEM.

thanksajdotcom

It's also one of the components that Tier I knows the least about. Thank Tier III and Engineering/Dev for that. They give us nothing! Hoarders...

scottalanmiller

How does it compare the ELK and Splunk?

thanksajdotcom

@scottalanmiller said:

How does it compare the ELK and Splunk?

As far as SIEMs, I honestly couldn't say. Don't have experience with either firsthand. Ours is not particularly stable though. It's commonplace for new releases to break major components, like parsing. We have customers ask us what the latest release broke as a common question...the absolute latest version of our SIEM has been very stable though. I will give them that. The previous two versions were both pulled from the downloads page PDQ, but not before T1 was flooded with calls.

thanksajdotcom

@thanksaj said:

@scottalanmiller said:

How does it compare the ELK and Splunk?

As far as SIEMs, I honestly couldn't say. Don't have experience with either firsthand. Ours is not particularly stable though. It's commonplace for new releases to break major components, like parsing. We have customers ask us what the latest release broke as a common question...the absolute latest version of our SIEM has been very stable though. I will give them that. The previous two versions were both pulled from the downloads page PDQ, but not before T1 was flooded with calls.

I've honestly been wanting to get my hands on an AlienVault demo just to have a base to compare from.

thanksajdotcom

For some reason I found this awesome!
Youtube Video