LogAnalysis Mode:
(Page 2 of 91)
[logs] Fast regex-less log parser 2008-08-29
ron dilley (ron dilley gmail com)
Hello,

In the spirit of sharing and in the hopes of prodding a co-conspirator into
finishing *his* better, stronger and faster parser, I have released the
source to my regex-less log parser specifically for Juniper (Netscreen)
firewall logs.

http://www.uberadmin.com/Projects/quickparser/index.html

[logs] Applied Security Visualization Book is out 2008-08-13
Raffael Marty (rmarty splunk com)
My book is finally done. The Applied Security Visualization book (http://secviz.org/content/applied-security-visualization-book-available) came out last week, just in time for BlackHat.

The book is very hands-on. It teaches you how to take security data
and generate visual representations for s

[logs] Any ideas on how to make the IIS Admin Service generate some logs? 2008-08-12
Andrew Hay (andrewsmhay gmail com)
Let me know.

--
Andrew Hay
Security+, CCSE Plus, RHCE, GSEC, GCIA, GCIH, CISSP
blog: http://www.andrewhay.ca
email: andrewsmhay (at) gmail (dot) com
twitter: andrewsmhay
profile: http://www.linkedin.com/in/andrewhay
[logs] Picviz 0.2 is out! 2008-08-07
Sebastien Tricaud (stricaud inl fr)
Release note for Picviz 0.2
===========================

Picviz is a parallel coordinates plotter which enables easy scripting from
various input (tcpdump, syslog, iptables logs, apache logs, etc.) to visualize
your data and discover interesting results quickly.

Picviz helps you to create, automat

RE: [logs] Defining Events, Logs, and Alerts (Round 2) 2008-08-03
jim becher net
I think this e-mail thread has been interesting and enlightening. Not to distract from the discussion, but is anyone aware of a forum where vulnerabilities and vulnerability management are discussed in a similar manner?

Fwd: RE: [CEE-DISCUSSION-LIST] [logs] Defining Events, Logs, and Alerts (Round 2) 2008-07-31
David Corlette (DCorlette novell com) (1 replies)

> I don't like "data stream" as it doesn't have any connotation with logs, in
> my mind.

Exactly, as I was trying to differentiate between a persisted stream of events (could maybe be called an "event log") and an object that contains events as well as "other things" that people have been alludin

[logs] Re: [CEE-DISCUSSION-LIST] Fwd: Re: [CEE-DISCUSSION-LIST] Defining Log, Event, and Alert (Round 2) 2008-07-31
David Corlette (DCorlette novell com)

> This is why definitions for "log" and "alert" were included -- because they are actively used by the log community.

Excellent points, and agreed. I'm not suggesting removing any definitions, but perhaps indicating which ones we will use within CEE (anticipated, anyway) will help clarify things

[logs] Defining Events, Logs, and Alerts (Round 2) 2008-07-31
Heinbockel, Bill (heinbockel mitre org) (3 replies)
Thank you for all of the great feedback and discussion.

After compiling all of the suggestions, we have gone
through and revised our definitions.

The main points of feedback were that (1) logs have
a temporal quality that is important, and (2) that
there are different connotations regarding the te

Re: [logs] Defining Events, Logs, and Alerts (Round 2) 2008-07-31
Greg Vickers (g vickers qut edu au)
Re: [logs] Defining Events, Logs, and Alerts (Round 2) 2008-07-31
David Corlette (DCorlette novell com)
Re: [logs] Defining Events, Logs, and Alerts (Round 2) 2008-07-31
Anton Chuvakin (anton chuvakin org)
[logs] FYI - First USENIX Workshop on the Analysis of System Logs (WASL '08) 2008-07-25
Jon Stearley (jrstear sandia gov)
See http://www.usenix.org/event/wasl08/cfp/ for details.

-jon

RE: [logs] How to define Log, Event, and Alert? 2008-07-24
Tina Bird (tbird precision-guesswork com) (1 replies)

> I guess the real problem is trying to describe something that is best
> described by referring to itself. For example, if you were asked to
> explain what a triangle looked like you'd probably have a hard time
> explaining it without somehow calling it a "triangular geometric
> shape".

Nah, tria

RE: [logs] How to define Log, Event, and Alert? 2008-07-25
Bill Scherr IV (bschnzl cotse net) (1 replies)
Re: [logs] How to define Log, Event, and Alert? 2008-07-25
Anton Chuvakin (anton chuvakin org) (1 replies)
RE: [logs] How to define Log, Event, and Alert? 2008-07-25
Rainer Gerhards (rgerhards hq adiscon com) (1 replies)
RE: [logs] How to define Log, Event, and Alert? 2008-07-26
Bill Scherr IV (bschnzl cotse net) (1 replies)
RE: [logs] How to define Log, Event, and Alert? 2008-07-29
Rainer Gerhards (rgerhards hq adiscon com) (1 replies)
RE: [logs] How to define Log, Event, and Alert? 2008-07-30
Eric Fitzgerald (Eric Fitzgerald microsoft com) (1 replies)
RE: [logs] How to define Log, Event, and Alert? 2008-07-30
Rainer Gerhards (rgerhards hq adiscon com)
Copyright 2010, SecurityFocus