Nos. writes: "We all know that logging is an important part of your security infrastructure. I'm currently in the process of setting up a centralized log management system. We will be using syslog-ng as our collection point, with a plan to eventually roll it out to all our Unix and Linux servers. This way we can encrypt the logs and send them via TCP as opposed to UDP. This is a good start, but for security and PCI compliance, we need to do more. Future phases include collecting Windows logs, application logs (those that don't use the OS standard logging service), and eventually reporting and possibly even real-time monitoring. The powers that be are willing to pay for a commercially built application, and I'm not opposed to that either. What is everyone else using? Given that we have a very diverse environment, is it feasible to go with things like OSSEC, LogMon, LogWatch, Splunk, and other open source tools?"