Snare. The world standard for effectively gathering and filtering IT-event data for critical security monitoring, analysis, auditing and archiving.
In technical nuts-and-bolts terms, Snare is a SIEM (Security Information & Event Management) Solution that consists of two individually licensed components.
These are the centrally installed Snare Server and individual device-based Snare Agents.
The Snare Server’s role is to give your system administrator all the tools needed to define, gather, index, track, report on and store all relevant IT network security events input from Snare and open source agents. It can receive log data directly from Windows and Linux/UNIX/OSX/AIX operating systems and Snare Epilog files, routers, switches, firewalls, authentication servers as well as other syslog sources.
Snare Agents examine all IT events at their source. Their role being to isolate all security events that you have defined to be of possible relevance, interest or real concern. Significantly, Snare Agents can be used in conjunction with a diverse range of SIEM servers including that designed by Snare itself.