Zen 2.0

I think one of the most frequently asked questions in log management is how to get the Apache logs to the log management server. Here are a couple workarounds. https://lists.balabit.hu/pipermail/syslog-ng/2001-February/001208.html http://www.precision-guesswork.com/sage-guide/apache.html The first option is probably what most people are looking for. Other options include transferring of the Apache logs after it has been rotated. [...]

My article on “War on IP Leakage” has been posted on ComputerWorld.

Eventlog to Syslog Utility from Purdue University. The Eventlog to Syslog utility is a program that runs on Microsoft Windows NT, 2000, or 2003 server, monitoring eventlog messages. When a new message appears in the eventlog, it is read, formatted, and forwarded to a UNIX syslog server. Depending on the facility and priority of the [...]

SC Magazine has a new article today on measuring security performance. Five recommendations were made: Recommendation #1:  Establish a Risk Baseline Recommendation #2 – Conduct Real-Time Measurements of Changes in Risk Levels Recommendation #3 – Benchmark the “Mean Time to Repair” for Security Problems Recommendation #4 – Compare Baseline Information to Desired Outcome Recommendation #5 [...]

Did I post this one before? I am not sure any of the companies mentioned in the article are actually doing anything to define a new log format standard, other than maybe IBM’s Common Event Infrastructure and Common Base Event format. But even IBM’s making a single log extremely complicated. Security point products such as [...]