[logs] logsurfer: test config file: ´.*´ - - - 0 exec "/bin/echo $0" 2009-10-29 J4 (junk4 klunky co uk)

[logs] Send windows log events to syslog 2009-10-16 ron dilley (ron dilley gmail com)
List, I needed to add support for Unicode in my simple login tracker. While poking around in the source, I added a few more features to make it a bit easier to use. If you have a small, medium or large Windows environment, you probably struggle with mapping actions in your firewalls or IDS logs bac

[logs] Windows Log Analysis 2009-10-08 chris misztur (chrismisztur yahoo com) (1 replies)
I've put this project off to the side since mid-2008 but I'm back at it (http://sync-io.net/go/blog/2008/06/18/EventCollectorSubscribingHTTPXP2003ClientsPost1.aspx). I've been thinking up ways to utilize Windows Event Collector (http://msdn.microsoft.com/en-us/library/bb427443(VS.85).aspx) to colle

[logs] ASDIC traffic log monitor for GNU/Linux released 2009-05-29 Mikael Kuisma (kuisma ping se)
Hello list, We at Ping have just released our traffic log monitoring & analysis tool ASDIC for the GNU/Linux platform. You find it at http://www.ping.se/ASDIC/Overview It should install on most Debian-based (64bit Intel) distributions (e.g. Ubuntu), but since this is the very first GNU/Linux di

[logs] OSSEC v2.0 released 2009-03-03 Daniel Cid (dcid ossec net)
Hi list, The OSSEC team is pleased to announce the general availability of OSSEC version 2.0. This new version is the first one with support for agentless monitoring and includes many other new features and bug fixes: *Compiled Rules - Per popular demand, we are introducing the capability in

[logs] CanSecWest 2009 Speakers and Dojo courses (Mar 14-20) 2009-02-16 Dragos Ruiu (dr kyx net)
Final Speaker Lineup for CanSecWest 2009 (March 18-20): =============================================== The Smart-Phones Nightmare - Sergio 'shadown' Alvarez Getting into the SMRAM: SMM Reloaded - Loïc Duflot Network design for effective HTTP traffic filtering - Jeff "rfp" Forristal, Zscaler N

[logs] Log Analysis and Visualization Workshop 2009-01-28 Raffael Marty (rmarty splunk com)
I am teaching a workshop on "Log Analysis and Security Visualization" on March 9th and 10th in Boston, as part of SOURCEBoston. Sign-up now: http://www.sourceconference.com/index.php/source-boston-2009/boston-2009-training Do you have piles of logs lying around? Do you know what your machine

[logs] Picviz 0.4 released 2008-10-27 Sebastien Tricaud (stricaud inl fr)
Picviz 'Needle 24/7' 0.4 is *out*. NEWS ==== I will give a lecture on Picviz for the upcoming Usenix Workshop on the Analysis of System Logs (WASL 08) in San Diego. This is a good opportunity to meet and learn what you can do with Picviz. More information available on the conference website: http

[logs] syslog-ng windows agent question 2008-10-21 Patrick Hull (nethead69 gmail com)
We are evaluating some options/products for sending Windows event and other logs to our syslog-ng servers. When running the Windows syslog-ng agent, we are seeing 2 issues: - Multiple events per line are being generated from the windows agent, lines are terminated, and continued on the next line.

RE: [logs] FW: Query on NTSyslog for vista 2008-10-17 Erik Norman (erik norman datagram se)
Jebaraj, I'll try to answer your questions: Q1) NTSyslog was depended on .NET (2.0) . Has this dependency been removed from SyslogAgent? or Has it been included as part of the Setup for syslogagent? A: NTSyslog was made a long time ago, in standard C code. SyslogAgent is written in C and C++ i

[logs] Time for another discussion? 2008-10-08 Anton Chuvakin (anton chuvakin org)
All, Not to self-promote, but to launch a possibly fun discussion: http://www.slideshare.net/anton_chuvakin/grand-challenges-of-log-management-presentation Best, -- Anton Chuvakin, Ph.D., GCIA, GCIH, GCFA http://www.chuvakin.org http://chuvakin.blogspot.com http://www.info-secure.org

[logs] FW: Query on NTSyslog for vista 2008-09-29 Tina Bird (tbird precision-guesswork com) (2 replies)
_____ From: mailman-bounces (at) loganalysis (dot) org [mailto:mailman-bounces (at) loganalysis (dot) org] On Behalf Of Daniel Jebaraj-JDANIEL1 Sent: Friday, September 26, 2008 9:46 AM To: loganalysis-owner (at) loganalysis (dot) org Subject: Query on NTSyslog for vista Hi There, I have been looking at using NTSy

RE: [logs] FW: Query on NTSyslog for vista 2008-09-30 Erik Norman (erik norman datagram se) (2 replies)
RE: [logs] FW: Query on NTSyslog for vista 2008-10-16 Daniel Jebaraj-JDANIEL1 (JDANIEL1 motorola com)
RE: [logs] FW: Query on NTSyslog for vista 2008-09-30 Daniel Jebaraj-JDANIEL1 (JDANIEL1 motorola com)

[logs] Call for SNORT raw logs 2008-09-29 Stefano Zanero (zanero elet polimi it)
Hi all, in order to test a couple of systems, I would really need a bunch of Snort raw logs in any format, anonymized in the way you prefer. I can use my own but that would be hardly a general or conclusive test... so if anybody can contribute I'll be obliged :) -- Best regards, Stefano Zaner

[logs] Picviz 0.3 released 2008-09-20 Sebastien Tricaud (stricaud inl fr)
Picviz 'good coffee' 0.3 is *out*. ...to have a good coffee, we must filter it! What is Picviz ? ================ Picviz is a parallel coordinates plotter, written to help people finding a needle in a haystack when dealing with numerous events on their system and struggling to maintain an acceptab

[logs] OSSEC v1.6 released 2008-09-02 Daniel Cid (dcid ossec net)
Hi list, The OSSEC team is pleased to announce the general availability of OSSEC version 1.6. OSSEC is an Open Source Host-based Intrusion Detection System. It performs log analysis, integrity checking, Windows registry monitoring, rootkit detection, real-time alerting and active response. It runs

[logs] Fast regex-less log parser 2008-08-29 ron dilley (ron dilley gmail com)
Hello, In the spirit of sharing and in the hopes of prodding a co-conspirator into finishing *his* better, stronger and faster parser, I have released the source to my regex-less log parser specifically for Juniper (Netscreen) firewall logs. http://www.uberadmin.com/Projects/quickparser/index.html

[logs] Applied Security Visualization Book is out 2008-08-13 Raffael Marty (rmarty splunk com)
My book is finally done. The Applied Security Visualization book (http://secviz.org/content/applied-security-visualization-book-available) came out last week, just in time for BlackHat. The book is very hands-on. It teaches you how to take security data and generate visual representations for s

[logs] Any ideas on how to make the IIS Admin Service generate some logs? 2008-08-12 Andrew Hay (andrewsmhay gmail com)
Let me know. -- Andrew Hay Security+, CCSE Plus, RHCE, GSEC, GCIA, GCIH, CISSP blog: http://www.andrewhay.ca email: andrewsmhay (at) gmail (dot) com twitter: andrewsmhay profile: http://www.linkedin.com/in/andrewhay

[logs] Picviz 0.2 is out! 2008-08-07 Sebastien Tricaud (stricaud inl fr)
Release note for Picviz 0.2 =========================== Picviz is a parallel coordinates plotter which enables easy scripting from various input (tcpdump, syslog, iptables logs, apache logs, etc..) to visualize your data and discover interesting results quickly. Picviz helps you to create, automat

I compiled & installed logsurfer1.5b from Source Forge.
The logsurfer man page states that when I use a configuration file
containing this line then all std in ought to be sent to std out.
´.*´ - - - 0 exec "/bin/echo $0"
Just to check that echo is there,
# which echo
/bi