10.5.5 Use file-integrity monitoring or change-detection software on logs to ensure that existing log data cannot be changed without generating alerts (although new data being added should not cause an alert).
I could write a SQL update statement that removed/rewrote entries from the logs being stored in SolarWinds quite easily. PCI-DSS is less about picking products that solve point problems and more about building a good security posture.
The whole of section 10 for example has items in it about ensuring time is synced and accurate, that the logfiles are protected from modification at the source, in transit, when they land on the logserver, that you're going to look at them regularly, and that they are unmodified. Challenging, but not impossible.
The Kiwi Syslog mentions PCI-DSS specifically, so I would start there.
Well, we have some makeshift Linux Red Hat syslog server now, but I am Linux-impaired, so I am looking for another solution.
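An added example (not from any poster in this thread, and not code from any product mentioned) of the append-tolerant change detection that requirement 10.5.5 describes: it re-hashes only the bytes covered by the last baseline, so new entries pass while a rewrite or truncation of existing entries is flagged. The function names and the sample log are constructed for illustration, and the baseline is assumed to be stored where the log writer cannot modify it.

```python
import hashlib
import os
import tempfile


def check(path, baseline):
    """Return (status, new_baseline); "modified"/"truncated" should alert."""
    base_size, base_digest = baseline
    h, remaining = hashlib.sha256(), base_size
    with open(path, "rb") as f:
        while remaining:  # re-hash only the bytes the baseline covered
            chunk = f.read(min(65536, remaining))
            if not chunk:
                return "truncated", baseline
            h.update(chunk)
            remaining -= len(chunk)
        if h.hexdigest() != base_digest:
            return "modified", baseline
        size = base_size
        for chunk in iter(lambda: f.read(65536), b""):  # appended data
            h.update(chunk)
            size += len(chunk)
    status = "appended" if size > base_size else "unchanged"
    return status, (size, h.hexdigest())


def snapshot(path):
    """Initial baseline: an empty prefix always verifies, so hash it all."""
    return check(path, (0, hashlib.sha256().hexdigest()))[1]


def demo():
    """Exercise the check on a constructed sample log in a temp directory."""
    with tempfile.TemporaryDirectory() as d:
        path = os.path.join(d, "sample.log")
        with open(path, "wb") as f:
            f.write(b"Jan 01 00:00:01 host sshd[1]: Accepted publickey\n")
        base = snapshot(path)
        with open(path, "ab") as f:  # normal logging appends: no alert
            f.write(b"Jan 01 00:00:02 host sshd[1]: session closed\n")
        status, base = check(path, base)
        results = [status]
        with open(path, "r+b") as f:  # rewrite a byte of an existing entry
            f.seek(40)
            f.write(b"X")
        results.append(check(path, base)[0])
        open(path, "wb").close()  # log wiped
        results.append(check(path, base)[0])
    return results
```

Calling `demo()` returns the status of each check in order; log rotation would need to be handled separately, since a rotated file looks like a truncation to this check.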