This level of detail would be much appreciated -- really, though I'll take
anything I can get. At the moment it's a lot of deafening silence :-)
_____
From: Tom Le [mailto:dottom (at) gmail (dot) com [email concealed]]
Sent: Thursday, June 07, 2007 7:55 PM
To: Tina Bird; loganalysis (at) loganalysis (dot) org [email concealed]
Subject: Re: [logs] About that failed login data
It may also be worth capturing the OS/application as well, i.e. Windows 2000
vs. 2003, Solaris vs. AIX. This is especially useful for network devices
that may have different versions within the same model name which generate
different messages.
On 6/7/07, Tina Bird <tbird (at) precision-guesswork (dot) com [email concealed]> wrote:
I forgot to mention: if you are sending me data, please try to capture the
facility and priority at which your system records the failed login events.
This is not always a trivial activity, so don't waste a lot of time on it,
but if you can get at it, it will be given a very good home :-)
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD>
<META http-equiv=Content-Type content="text/html; charset=us-ascii">
<META content="MSHTML 6.00.6000.16441" name=GENERATOR></HEAD>
<BODY>
<DIV dir=ltr align=left><SPAN class=103240203-08062007><FONT face=Arial
color=#0000ff size=2>This level of detail would be much appreciated --
really, though I'll take anything I can get. At the moment it's a lot of
deafening silence :-)</FONT></SPAN></DIV><BR>
<BLOCKQUOTE
style="PADDING-LEFT: 5px; MARGIN-LEFT: 5px; BORDER-LEFT: #0000ff 2px solid; MARGIN-RIGHT: 0px">
<DIV class=OutlookMessageHeader lang=en-us dir=ltr align=left>
<HR tabIndex=-1>
<FONT face=Tahoma size=2><B>From:</B> Tom Le [mailto:dottom (at) gmail (dot) com [email concealed]]
<BR><B>Sent:</B> Thursday, June 07, 2007 7:55 PM<BR><B>To:</B> Tina Bird;
loganalysis (at) loganalysis (dot) org [email concealed]<BR><B>Subject:</B> Re: [logs] About that failed
login data<BR></FONT><BR></DIV>
<DIV></DIV>
<DIV>It may also be worth capturing the OS/application as well, i.e.
Windows 2000 vs. 2003, Solaris vs. AIX. This is especially useful for
network devices that may have different versions within the same model
name which generate different messages. </DIV>
<DIV><BR> </DIV>
<DIV><SPAN class=gmail_quote>On 6/7/07, <B class=gmail_sendername>Tina
Bird</B> <<A
href="mailto:tbird (at) precision-guesswork (dot) com [email concealed]">tbird (at) precision-guesswork (dot) co [email concealed]
m</A>>
wrote:</SPAN>
<BLOCKQUOTE class=gmail_quote
style="PADDING-LEFT: 1ex; MARGIN: 0px 0px 0px 0.8ex; BORDER-LEFT: #ccc 1px solid"><BR>I
forgot to mention: if you are sending me data, please try to capture
the<BR>facility and priority at which your system records the failed login
events. <BR>This is not always a trivial activity, so don't waste a lot of
time on it,<BR>but if you can get at it, it will be given a very good home
:-)<BR><BR>thanks --
tbird<BR><BR>_______________________________________________ <BR>LogAnalysis
mailing list<BR><A
href="mailto:LogAnalysis (at) loganalysis (dot) org [email concealed]">LogAnalysis (at) loganalysis (dot) org [email concealed]</A
><BR><A
href="http://www.loganalysis.org/mailman/listinfo/loganalysis">http://ww
w.loganalysis.org/mailman/listinfo/loganalysis
</A><BR></BLOCKQUOTE></DIV><BR></BLOCKQUOTE></BODY></HTML>
_______________________________________________
LogAnalysis mailing list
LogAnalysis (at) loganalysis (dot) org [email concealed]
http://www.loganalysis.org/mailman/listinfo/loganalysis
anything I can get. At the moment it's a lot of deafening silence :-)
_____
From: Tom Le [mailto:dottom (at) gmail (dot) com [email concealed]]
Sent: Thursday, June 07, 2007 7:55 PM
To: Tina Bird; loganalysis (at) loganalysis (dot) org [email concealed]
Subject: Re: [logs] About that failed login data
It may also be worth capturing the OS/application as well, i.e. Windows 2000
vs. 2003, Solaris vs. AIX. This is especially useful for network devices
that may have different versions within the same model name which generate
different messages.
On 6/7/07, Tina Bird <tbird (at) precision-guesswork (dot) com [email concealed]> wrote:
I forgot to mention: if you are sending me data, please try to capture the
facility and priority at which your system records the failed login events.
This is not always a trivial activity, so don't waste a lot of time on it,
but if you can get at it, it will be given a very good home :-)
thanks -- tbird
_______________________________________________
LogAnalysis mailing list
LogAnalysis (at) loganalysis (dot) org [email concealed]
http://www.loganalysis.org/mailman/listinfo/loganalysis
<http://www.loganalysis.org/mailman/listinfo/loganalysis>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD>
<META http-equiv=Content-Type content="text/html; charset=us-ascii">
<META content="MSHTML 6.00.6000.16441" name=GENERATOR></HEAD>
<BODY>
<DIV dir=ltr align=left><SPAN class=103240203-08062007><FONT face=Arial
color=#0000ff size=2>This level of detail would be much appreciated --
really, though I'll take anything I can get. At the moment it's a lot of
deafening silence :-)</FONT></SPAN></DIV><BR>
<BLOCKQUOTE
style="PADDING-LEFT: 5px; MARGIN-LEFT: 5px; BORDER-LEFT: #0000ff 2px solid; MARGIN-RIGHT: 0px">
<DIV class=OutlookMessageHeader lang=en-us dir=ltr align=left>
<HR tabIndex=-1>
<FONT face=Tahoma size=2><B>From:</B> Tom Le [mailto:dottom (at) gmail (dot) com [email concealed]]
<BR><B>Sent:</B> Thursday, June 07, 2007 7:55 PM<BR><B>To:</B> Tina Bird;
loganalysis (at) loganalysis (dot) org [email concealed]<BR><B>Subject:</B> Re: [logs] About that failed
login data<BR></FONT><BR></DIV>
<DIV></DIV>
<DIV>It may also be worth capturing the OS/application as well, i.e.
Windows 2000 vs. 2003, Solaris vs. AIX. This is especially useful for
network devices that may have different versions within the same model
name which generate different messages. </DIV>
<DIV><BR> </DIV>
<DIV><SPAN class=gmail_quote>On 6/7/07, <B class=gmail_sendername>Tina
Bird</B> <<A
href="mailto:tbird (at) precision-guesswork (dot) com [email concealed]">tbird (at) precision-guesswork (dot) co [email concealed]
m</A>>
wrote:</SPAN>
<BLOCKQUOTE class=gmail_quote
style="PADDING-LEFT: 1ex; MARGIN: 0px 0px 0px 0.8ex; BORDER-LEFT: #ccc 1px solid"><BR>I
forgot to mention: if you are sending me data, please try to capture
the<BR>facility and priority at which your system records the failed login
events. <BR>This is not always a trivial activity, so don't waste a lot of
time on it,<BR>but if you can get at it, it will be given a very good home
:-)<BR><BR>thanks --
tbird<BR><BR>_______________________________________________ <BR>LogAnalysis
mailing list<BR><A
href="mailto:LogAnalysis (at) loganalysis (dot) org [email concealed]">LogAnalysis (at) loganalysis (dot) org [email concealed]</A
><BR><A
href="http://www.loganalysis.org/mailman/listinfo/loganalysis">http://ww
w.loganalysis.org/mailman/listinfo/loganalysis
</A><BR></BLOCKQUOTE></DIV><BR></BLOCKQUOTE></BODY></HTML>
_______________________________________________
LogAnalysis mailing list
LogAnalysis (at) loganalysis (dot) org [email concealed]
http://www.loganalysis.org/mailman/listinfo/loganalysis
[ reply ]