Zen 2.0

LogLogic’s going to have a booth in RSA (#1142) and I will probably be there for booth duty. If you are there, please come on by to say hi. I would love to meet some of you.

I have been buried under piles of work and haven’t had much time to write. After spending almost every waking hours managing the product roadmap, analyzing the competition and market, talking to customers, and responding to RFPs, I’ve pretty much spent the rest of the time catching up on sleep. (Did I tell you I REQUIRE 9 hours of sleep or I get very grumpy?)

In any case, just want to let everyone know that I haven’t fogtten about this blog and will write more soon.

Automated and Secure Log File Analysis Service - SLAC.

An Intelligent Log File Analysis System to keep you informed about your Web Servers safety and your Checkpoint FW-1. No software required!

Interesting idea…I am just not sure that administrators will feel safe enough to send their corporate logs to an external service like this.

Obviously there’s precedence, Counterpane is a monitoring and log analysis service.

What do you think?

DON’T Ignore Lowly Log Analysis by Douglas Schweitzer.

Ever take a look at the computer security hardware and software products available these days? The number of them is staggering. They promise to (and for the most part do) help keep your workstations and servers secure. Nonetheless, although these routers, firewalls and intrusion-detection and -prevention systems spit out valuable information in the form of log files, too many organizations ignore or discard those logs.

My company, LogLogic, is looking to fill a “log analyst” position. Title to be decided but the requirements are

- understanding the log formats and transport mechanisms
- researching different log formats to identify common categories (to help design the back end)
- parsing and normalizing the logs for the necessary information, based on requirements
- mapping the reports to parsed information or vice versa
- identifying useful reports and alerts based on the log information

If you or someone you know are interested in such a position, please email me your resume.

Thanks

I am looking for some log samples to help us test our product. It would be much appreciated if you can help with any of them. You can send them directly to me at zhenjl@gmail.com.
The log samples you send will remain confidential and will be used ONLY for internal testing. If you are ok with [...]

Anyone want a gmail account? Email me if you are interested.

Security information management: is it either software or managed security services?
Man, does this really worth $3395!!??

By year-end 2004 vendors will have generated $174m from the security information management software market. The strong drivers for this solution will propel the market forward over the next four years, at a CAGR of 35%, to reach approximately $575m [...]

I was talking to a couple of friends (a CSO and a security architect) about the usefulness of current dashboards the other day at Patxi’s. One of the complains is that the current dashboards are all flashy stuff and they don’t provide any explanation of what you see in the charts or graphs, nor do [...]

The following is what I posted to the loganalysis mailing list. The original question was regarding how to retrieve Web server logs (Apache for Windows) and Application specific logs (written in text format).
You can accomplish this in a couple of ways.
One, you can write a batch script on Windows box and use AT scheduler to [...]