LogAnalysis Mode:
(Page 1 of 91)
[logs] Open Source centralized log management/SIEM solutions 2010-04-26
Youngquist, Jason R. (jryoungquist ccis edu) (2 replies)
Is anyone using any Open Source or low cost centralized log management/SIEM solution in a production environment which you would recommend?

Specifically, I'm looking for:

--scalability - must be able to handle hundreds of log sources - majority being servers and network devices

--good searching

RE: [logs] Open Source centralized log management/SIEM solutions 2010-04-27
Starks, Michael (Michael Starks atosorigin com)
RE: [logs] Open Source centralized log management/SIEM solutions 2010-04-26
Sandy Bird (sandy bird Q1Labs com) (2 replies)
RE: [logs] Open Source centralized log management/SIEM solutions 2010-04-26
Kevin Reiter (KReiter insidefsi net)
Re: [logs] Open Source centralized log management/SIEM solutions 2010-04-26
Harry Hoffman (hhoffman ip-solutions net) (1 replies)
RE: [logs] Open Source centralized log management/SIEM solutions 2010-04-27
Soldatov, Sergey V. (SVSoldatov tnk-bp com)
[logs] Fwd: Simple Log Review Checklist out 2010-03-22
Anton Chuvakin (anton chuvakin org)
All,

Somehow I completely forgot about this mailing list when I released
this checklist, but here it is:

The log cheat sheet presents a checklist for reviewing critical
system, network and security logs when responding to a security
incident. It can also be used for routine periodic log review.  Y

RE: [logs] Difficulty downloading sample log files 2010-02-08
Batchu, Arun (arun batchu verizonbusiness com)
Dan, Thank you!

-----Original Message-----
From: Daniel Cid [mailto:dcid (at) ossec (dot) net]
Sent: Monday, February 08, 2010 9:28 AM
To: Batchu, Arun
Cc: loganalysis (at) loganalysis (dot) org
Subject: Re: [logs] Difficulty downloading sample log files

Hey,

You can get lots of log samples from here too:
http://www.

[logs] CFP: Workshop on the Analysis of System Logs 2010-02-08
Kathryn Mohror (mohror1 llnl gov)
Workshop on the Analysis of System Logs (WASL) 2010
http://www.systemloganalysis.com
Call for Papers

===============================
October 3, 2010
Vancouver, Canada

[logs] logsurfer: test config file: ´.*´ - - - 0 exec "/bin/echo $0" 2009-10-29
J4 (junk4 klunky co uk)
Dear all log analysers,

I compiled & installed logsurfer1.5b from Source Forge.

The logsurfer man page states that when I use a configuration file
containing this line then all std in ought to be sent to std out.
´.*´ - - - 0 exec "/bin/echo $0"

Just to check that echo is there,
# which echo
/bi

[logs] Send windows log events to syslog 2009-10-16
ron dilley (ron dilley gmail com)
List, I needed to add support for Unicode in my simple login tracker. While
poking around in the source, I added a few more features to make it a bit
easier to use. If you have a small, medium or large Windows environment,
you probably struggle with mapping actions in your firewalls or IDS logs
bac

[logs] Windows Log Analysis 2009-10-08
chris misztur (chrismisztur yahoo com) (1 replies)
I've put this project off to the side since mid-2008 but I'm back at it (http://sync-io.net/go/blog/2008/06/18/EventCollectorSubscribingHTTPXP2003ClientsPost1.aspx). I've been thinking up ways to utilize Windows Event Collector (http://msdn.microsoft.com/en-us/library/bb427443(VS.85).aspx) to colle

RE: [logs] Windows Log Analysis 2009-10-21
Clayton Dukes (cdukes) (cdukes cisco com)
[logs] ASDIC traffic log monitor for GNU/Linux released 2009-05-29
Mikael Kuisma (kuisma ping se)
Hello list,

We at Ping have just released our traffic log monitoring & analysis tool
ASDIC for the GNU/Linux platform.

You find it at http://www.ping.se/ASDIC/Overview

It should install on most Debian-based (64bit Intel) distributions (e.g.
Ubuntu), but since this is the very first GNU/Linux di

[logs] EUSecWest 2009 CFP (May 27/28, Deadline April 7 2009) 2009-04-01
Dragos Ruiu (dr kyx net)
Call For Papers

The EUSecWest 2009 CFP is now open.

Deadline is April 7th, 2009.

EUSecWest CALL FOR PAPERS

LONDON, U.K. -- The third annual EUSecWest applied
technical security conference - where the eminent figures
in the international security industry will get together

[logs] OSSEC v2.0 released 2009-03-03
Daniel Cid (dcid ossec net)
Hi list,

The OSSEC team is pleased to announce the general availability of
OSSEC version 2.0.

This new version is the first one with support for agentless
monitoring and includes many other new features and bug fixes:

*Compiled Rules - Per popular demand, we are introducing the
capability in

[logs] CanSecWest 2009 Speakers and Dojo courses (Mar 14-20) 2009-02-16
Dragos Ruiu (dr kyx net)
Final Speaker Lineup for CanSecWest 2009 (March 18-20):
===============================================

The Smart-Phones Nightmare - Sergio 'shadown' Alvarez

Getting into the SMRAM: SMM Reloaded - Loïc Duflot

Network design for effective HTTP traffic filtering - Jeff "rfp"
Forristal, Zscaler

N

[logs] Log Analysis and Visualization Workshop 2009-01-28
Raffael Marty (rmarty splunk com)
I am teaching a workshop on "Log Analysis and Security Visualization"
on March 9th and 10th in Boston, as part of SOURCEBoston.

Sign-up now: http://www.sourceconference.com/index.php/source-boston-2009/boston-2009-training

Do you have piles of logs lying around? Do you know what your machine

[logs] Picviz 0.4 released 2008-10-27
Sebastien Tricaud (stricaud inl fr)
Picviz 'Needle 24/7' 0.4 is *out*.

NEWS
====

I will give a lecture on Picviz for the upcoming Usenix
Workshop on the Analysis of System Logs (WASL 08) in San Diego.

This is a good opportunity to meet and learn what you can do
with Picviz. More information available on the conference website:
http

[logs] syslog-ng windows agent question 2008-10-21
Patrick Hull (nethead69 gmail com)
We are evaluating some options/products for sending Windows event and
other logs to our
syslog-ng servers. When running the Windows syslog-ng agent, we are
seeing 2 issues:
- Multiple events per line are being generated from the windows agent,
lines are terminated,
and continued on the next line.

RE: [logs] FW: Query on NTSyslog for vista 2008-10-17
Erik Norman (erik norman datagram se)
Jebaraj,

I'll try to answer your questions:

Q1) NTSyslog was dependent on .NET (2.0). Has this dependency been removed
from SyslogAgent? Or has it been included as part of the Setup for
SyslogAgent?

A: NTSyslog was made a long time ago, in standard C code. SyslogAgent is
written in C and C++ i

[logs] Time for another discussion? 2008-10-08
Anton Chuvakin (anton chuvakin org)
All,

Not to self-promote, but to launch a possibly fun discussion:
http://www.slideshare.net/anton_chuvakin/grand-challenges-of-log-management-presentation

Best,
--
Anton Chuvakin, Ph.D., GCIA, GCIH, GCFA
http://www.chuvakin.org
http://chuvakin.blogspot.com
http://www.info-secure.org

[logs] FW: Query on NTSyslog for vista 2008-09-29
Tina Bird (tbird precision-guesswork com) (2 replies)


_____

From: mailman-bounces (at) loganalysis (dot) org
[mailto:mailman-bounces (at) loganalysis (dot) org] On Behalf Of Daniel
Jebaraj-JDANIEL1
Sent: Friday, September 26, 2008 9:46 AM
To: loganalysis-owner (at) loganalysis (dot) org
Subject: Query on NTSyslog for vista

Hi There,


I have been looking at using NTSy

RE: [logs] FW: Query on NTSyslog for vista 2008-09-30
Erik Norman (erik norman datagram se) (2 replies)
RE: [logs] FW: Query on NTSyslog for vista 2008-10-16
Daniel Jebaraj-JDANIEL1 (JDANIEL1 motorola com)
RE: [logs] FW: Query on NTSyslog for vista 2008-09-30
Daniel Jebaraj-JDANIEL1 (JDANIEL1 motorola com)
RE: [logs] FW: Query on NTSyslog for vista 2008-09-29
Tina Bird (tbird precision-guesswork com)
[logs] Call for SNORT raw logs 2008-09-29
Stefano Zanero (zanero elet polimi it)
Hi all,

in order to test a couple of systems, I would really need a bunch of
Snort raw logs in any format, anonymized in the way you prefer.

I can use my own but that would be hardly a general or conclusive
test... so if anybody can contribute I'll be obliged :)

--
Kind regards,
Stefano Zaner

[logs] Picviz 0.3 released 2008-09-20
Sebastien Tricaud (stricaud inl fr)
Picviz 'good coffee' 0.3 is *out*.
...to have a good coffee, we must filter it!

What is Picviz ?
================

Picviz is a parallel coordinates plotter, written to help people
find a needle in a haystack when dealing with numerous events
on their system and struggling to maintain an acceptab

[logs] OSSEC v1.6 released 2008-09-02
Daniel Cid (dcid ossec net)
Hi list,

The OSSEC team is pleased to announce the general availability of
OSSEC version 1.6.

OSSEC is an Open Source Host-based Intrusion Detection System. It
performs log analysis, integrity checking, Windows registry
monitoring,
rootkit detection, real-time alerting and active response. It runs

Copyright 2010, SecurityFocus