LogAnalysis
[logs] How to define Log, Event, and Alert? Jul 23 2008 03:26PM Heinbockel, Bill (heinbockel mitre org) (3 replies)
Re: [logs] How to define Log, Event, and Alert? Jul 23 2008 09:43PM Jon Stearley (jrstear sandia gov)
Re: [logs] How to define Log, Event, and Alert? Jul 23 2008 03:45PM Bill Scherr IV (bschnzl cotse net) (2 replies)
Re: [logs] How to define Log, Event, and Alert? Jul 23 2008 05:37PM Michael Kinsley (michael kinsley sensage com)
Re: [logs] How to define Log, Event, and Alert? Jul 23 2008 04:40PM Chris Lonvick (clonvick cisco com)
> Event:
> A discrete, distinct, and discernible state change in an
> environment.
In some aspects, state changes such as processes dying or starting
are surely events, but I also think that some logs which don't indicate
a state change such as login failures, port scanning, intrusion
detection logs, and so on are noteworthy and worth alerting on.
Ron
_______________________________________________
LogAnalysis mailing list
LogAnalysis (at) loganalysis (dot) org [email concealed]
http://www.loganalysis.org/mailman/listinfo/loganalysis