2 Replies Latest reply on Jan 13, 2015 11:55 AM by stevenjwilliams83

    SolarWinds Syslog

    stevenjwilliams83

      Does anyone know if the SolarWinds syslog portion of NPM qualifies for PCI DSS 3.0 compliance?

        • Re: SolarWinds Syslog
          RichardLetts

          Probably not.

          e.g.

          10.5.5 Use file-integrity monitoring or change-detection software on logs to ensure that existing log data cannot be changed without generating alerts (although new data being added should not cause an alert).

          I could write a SQL update statement that removed/rewrote entries from the logs being stored in SolarWinds quite easily. PCI-DSS is less about picking products that solve point-problems, but more about building a good security posture.

          The whole of section 10 for example has items in it about ensuring time is synced and accurate, that the logfiles are protected from modification at the source, in transit, when they land on the logserver, that you're going to look at them regularly, and that they are unmodified. Challenging, but not impossible.

           

          The Kiwi syslog mentions PCI-DSS specifically, so I would start there.
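
The change-detection behaviour quoted from requirement 10.5.5 above (alert when existing log data changes, stay quiet when new data is appended) can be sketched as follows. This is an added example, not part of the original post and not SolarWinds or Kiwi code; the function names, the baseline format and the sample log lines are assumptions made for illustration.

```python
import hashlib
import os
import tempfile

def prefix_digest(path, length):
    # SHA-256 over only the first `length` bytes, so later appends are ignored.
    h, remaining = hashlib.sha256(), length
    with open(path, "rb") as f:
        while remaining > 0:
            chunk = f.read(min(65536, remaining))
            if not chunk:
                break
            h.update(chunk)
            remaining -= len(chunk)
    return h.hexdigest()

def take_baseline(path):
    # Assumption: the baseline is stored off the log server, out of reach of its admins.
    size = os.path.getsize(path)
    return {"size": size, "sha256": prefix_digest(path, size)}

def check_log(path, baseline):
    size = os.path.getsize(path)
    if size < baseline["size"]:
        return "truncated", baseline      # alert (log rotation must be handled separately)
    if prefix_digest(path, baseline["size"]) != baseline["sha256"]:
        return "modified", baseline       # alert: existing data changed
    if size == baseline["size"]:
        return "ok", baseline
    return "appended", take_baseline(path)  # new data only: no alert, roll baseline forward

def demo():
    # Constructed sample syslog lines, not taken from any real system.
    with tempfile.TemporaryDirectory() as d:
        log = os.path.join(d, "messages")
        with open(log, "wb") as f:
            f.write(b"Jan 13 11:50:01 fw1 sshd[811]: Accepted publickey for admin\n")
        base, seen = take_baseline(log), []
        with open(log, "ab") as f:   # normal growth
            f.write(b"Jan 13 11:52:40 fw1 sudo: admin : COMMAND=/bin/ls\n")
        status, base = check_log(log, base)
        seen.append(status)
        with open(log, "r+b") as f:  # an existing entry rewritten in place
            f.write(b"Jan 13 11:50:01 fw1 sshd[811]: Accepted publickey for guest\n")
        status, base = check_log(log, base)
        seen.append(status)
        return seen

if __name__ == "__main__":
    print(demo())
```

The same idea applies to logs held in a database table: the check only means something if the stored baseline cannot be rewritten by whoever can rewrite the log entries.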

          • Re: SolarWinds Syslog
            stevenjwilliams83

            Well, we have some makeshift Linux Red Hat syslog server now, but I am Linux-impaired, so I am looking for another solution.