Zen 2.0

I think one of the most frequently asked questions in log management is how to get the Apache logs to the log management server.
Here are a couple workarounds.

https://lists.balabit.hu/pipermail/syslog-ng/2001-February/001208.html
http://www.precision-guesswork.com/sage-guide/apache.html

The first option is probably what most people are looking for.
Other options include transferring of the Apache logs after it has been rotated. We will discuss this [...]

My article on “War on IP Leakage” has been posted on ComputerWorld.

Eventlog to Syslog Utility from Purdue University.
The Eventlog to Syslog utility is a program that runs on Microsoft Windows NT, 2000, or 2003 server, monitoring eventlog messages. When a new message appears in the eventlog, it is read, formatted, and forwarded to a UNIX syslog server. Depending on the facility and priority of the message [...]

SC Magazine has a new article today on measuring security performance.
Five recommendations were made:

Recommendation #1:  Establish a Risk Baseline
Recommendation #2 – Conduct Real-Time Measurements of Changes in Risk Levels
Recommendation #3 – Benchmark the “Mean Time to Repair” for Security Problems
Recommendation #4 – Compare Baseline Information to Desired Outcome
Recommendation #5 – Use SIM Technology to Automate [...]

Did I post this one before?
I am not sure any of the companies mentioned in the article are actually doing anything to define a new log format standard, other than maybe IBM’s Common Event Infrastructure and Common Base Event format. But even IBM’s making a single log extremely complicated.
Security point products such as IDSes, anti-virus [...]