We have been using Snare Lite Open source for years, and understand it no longer meets PCI 3.0 compliance as it does not log enough event information. Snare Enterprise logs significantly more information, and would be PCI 3.0 compliant, but is expensive.

I wondered if anyone here would know if the NXLog CE edition, which is free, logs MORE event info than the Snare Lite Open source version, so that we could use it to replace Snare Lite Open source and be confident it would comply with minimum PCI 3.0 requirements.

I see the comparison of Snare Lite Open source with Enterprise here to see the differences, but haven't found a similar chart for NXLog CE to compare.



Asked January 22, 2016 - 11:05pm

Answer (1)

The NXLog Community Edition can collect all event sources from the Windows Eventlog, whereas Snare Lite seems to be able to collect the following Windows Eventlog sources only: Security, System, Application, Directory Service, DNS Server, DFS Replication, File Replication Service.

You will be a lot closer to PCI compliance with TCP/TLS support and a bunch of other features that Snare Lite is lacking; that's why a lot of users switch.
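
The two features named in the answer above (reading every Windows Eventlog source, and TLS transport), shown as an added NXLog CE configuration sketch that is not part of the original answer. The collector hostname, ports and certificate directory are placeholders assumed for illustration.

```conf
# Added example, not from the original answer.
# CERTDIR, the collector hostname and the ports are placeholders.
define CERTDIR C:\nxlog-placeholder\cert

<Extension json>
    Module          xm_json
</Extension>

# Windows Eventlog input. With no Channel or Query directive,
# im_msvistalog reads every event source registered on the host,
# not only a fixed list such as Security/System/Application.
<Input eventlog>
    Module          im_msvistalog
</Input>

# Weak setting, kept commented out for contrast: plain TCP sends
# events unencrypted and does not authenticate the collector.
#<Output collector>
#    Module         om_tcp
#    Host           logs.example.internal
#    Port           514
#</Output>

# Corrected setting: TLS transport, with the collector's certificate
# checked against a CA file and untrusted certificates rejected.
<Output collector>
    Module          om_ssl
    Host            logs.example.internal
    Port            6514
    CAFile          %CERTDIR%\ca.pem
    AllowUntrusted  FALSE
    # Serialize all event fields as JSON so none are dropped in transit.
    Exec            to_json();
</Output>

<Route eventlog_to_collector>
    Path            eventlog => collector
</Route>
```

Whether the resulting log stream satisfies a given PCI requirement still depends on the audit policy enabled on the Windows hosts and on how the collector stores and reviews the events.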