Looking for a Log Analyst

Posted in General Technologies

My company, LogLogic, is looking to fill a “log analyst” position. Title to be decided, but the requirements are:
– understanding the log formats and transport mechanisms
– researching different log formats to identify common categories (to help design the back end)
– parsing and normalizing the logs for the necessary information, based on requirements [...]

January 19th, 2005 | Jian Zhen | No Comments

Looking for log samples

Posted in General Technologies

I am looking for some log samples to help us test our product. It would be much appreciated if you can help with any of them. You can send them directly to me at zhenjl@gmail.com. The log samples you send will remain confidential and will be used ONLY for internal testing. If you are ok [...]

January 17th, 2005 | Jian Zhen | No Comments

Gmail accounts

Posted in General Technologies

Anyone want a gmail account? Email me if you are interested.

January 17th, 2005 | Jian Zhen | No Comments

Security information management: is it either software or managed security services?

Posted in General Technologies

Security information management: is it either software or managed security services? Man, is this really worth $3395?! By year-end 2004 vendors will have generated $174m from the security information management software market. The strong drivers for this solution will propel the market forward over the next four years, at a CAGR of 35%, to reach [...]

January 15th, 2005 | Jian Zhen | No Comments

Dashboard conversations

Posted in General Technologies

I was talking to a couple of friends (a CSO and a security architect) about the usefulness of current dashboards the other day at Patxi’s. One of the complaints is that the current dashboards are all flashy stuff and they don’t provide any explanation of what you see in the charts or graphs, nor do [...]

January 13th, 2005 | Jian Zhen | No Comments

Retrieving file-based logs from Windows servers

Posted in General Technologies

The following is what I posted to the loganalysis mailing list. The original question was regarding how to retrieve Web server logs (Apache for Windows) and application-specific logs (written in text format). You can accomplish this in a couple of ways. One, you can write a batch script on the Windows box and use AT [...]

January 9th, 2005 | Jian Zhen | 1 Comment
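The scheduled-pull approach from the post above, as an added example that is not the original batch script: a Python collector meant to be run by the scheduler (AT in the post) on the Windows box. Each run ships only the complete lines appended since its previous run, so a line the Web server is still writing is never cut in half, and it notices when the log file has been rotated. The checkpoint file format and the access-log lines written in demo() are constructed for this example.

```python
"""Scheduled pull of a file-based log with a persistent offset checkpoint.

Added example, not the batch script from the post. Run it from the
scheduler (AT in the post) on the Windows box; each run returns only the
complete lines appended since the previous run, so a line the server is
still writing is never cut in half, and a rotated file (truncated, or
replaced by a new one) is read again from the start. The checkpoint file
format and the sample log lines below are constructed for the example.
"""
import json
import os
import tempfile


def collect_new_lines(log_path, state_path):
    """Return the complete new lines since the last run and advance the checkpoint."""
    try:
        with open(state_path) as fh:
            state = json.load(fh)
    except (OSError, ValueError):
        state = {"offset": 0, "inode": None}  # first run, or unreadable checkpoint

    st = os.stat(log_path)
    # Rotation check: a file shorter than the saved offset has been truncated or
    # replaced; a changed file id means a new file. (Python reports the NTFS file
    # index as st_ino; on filesystems that return 0 only the size check works.)
    if st.st_size < state["offset"] or (state["inode"] not in (None, 0) and state["inode"] != st.st_ino):
        state["offset"] = 0

    with open(log_path, "rb") as fh:
        fh.seek(state["offset"])
        data = fh.read()

    # Ship only newline-terminated lines; a partial trailing line stays behind
    # because the offset does not advance past it.
    last_nl = data.rfind(b"\n")
    if last_nl == -1:
        return []
    complete = data[:last_nl + 1]
    state["offset"] += len(complete)
    state["inode"] = st.st_ino
    with open(state_path, "w") as fh:
        json.dump(state, fh)
    return complete.decode("utf-8", "replace").splitlines()


def demo():
    """Constructed walk-through: three scheduled runs against a live access log."""
    tmp = tempfile.mkdtemp()
    log = os.path.join(tmp, "access.log")
    state = os.path.join(tmp, "access.state")
    with open(log, "w") as fh:
        fh.write('10.0.0.5 - - [09/Jan/2005:10:00:01 -0800] "GET / HTTP/1.1" 200 512\n')
        fh.write('10.0.0.6 - - [09/Jan/2005:10:00:02 -0800] "GET /admin HTTP/1.1" 403 221\n')
        fh.write('10.0.0.7 - - [09/Jan/2005:10:00:03 -0800] "GET /x HTTP/1.1')  # still being written
    first = collect_new_lines(log, state)   # two complete lines
    with open(log, "a") as fh:
        fh.write('" 404 198\n')             # the third line is now finished
    second = collect_new_lines(log, state)  # just the third line, whole
    with open(log, "w") as fh:              # rotation: a fresh, shorter file
        fh.write('10.0.0.8 - - [09/Jan/2005:11:00:00 -0800] "GET /y HTTP/1.1" 200 77\n')
    third = collect_new_lines(log, state)   # read from the start again
    return first, second, third


if __name__ == "__main__":
    for run in demo():
        print(run)
```

The two checks that matter in practice are the ones a naive copy-the-file job gets wrong: a half-written last line (which would later show up twice, or corrupt) and a rotation that leaves the new file shorter than the saved offset (which would silently skip everything until the file grows past the old size).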

Apache Logging via Syslog

Posted in General Technologies

I think one of the most frequently asked questions in log management is how to get the Apache logs to the log management server. Here are a couple of workarounds.
https://lists.balabit.hu/pipermail/syslog-ng/2001-February/001208.html
http://www.precision-guesswork.com/sage-guide/apache.html
The first option is probably what most people are looking for. Other options include transferring the Apache logs after they have been rotated. [...]

January 7th, 2005 | Jian Zhen | No Comments
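The first option referenced above, Apache writing the access log to a program's stdin that forwards each line to syslog, as an added example; this is not code from the post or from the linked pages. The CustomLog line, the script path, the default facility local6 and the sample log lines are assumptions, and the mapping of HTTP status codes to syslog severities is this example's own choice, not something the post prescribes.

```python
"""Forward Apache access-log lines to a syslog server from a piped log.

Added example, not code from the post or the pages it links. Apache sends
each access-log line to this script's stdin with a CustomLog directive such
as (path and script name are assumptions):

    CustomLog "|/usr/local/bin/apache2syslog.py loghost" combined

Each line is wrapped in a BSD syslog (RFC 3164) frame and sent by UDP to
the log server. The response status picks the severity (5xx -> err,
4xx -> warning, else info; an unparsable line is sent as notice so nothing
is lost). The facility defaults to local6, which is an assumption.
"""
import re
import socket
import sys
import time

FACILITIES = {"user": 1, "local0": 16, "local1": 17, "local2": 18, "local3": 19,
              "local4": 20, "local5": 21, "local6": 22, "local7": 23}
SEVERITY = {"err": 3, "warning": 4, "notice": 5, "info": 6}

# Fields of the Apache "combined" LogFormat; the referer/agent pair is optional
# so "common" format lines parse as well.
COMBINED_RE = re.compile(
    r'^(?P<host>\S+) \S+ (?P<user>\S+) \[(?P<time>[^\]]+)\] '
    r'"(?P<request>[^"]*)" (?P<status>\d{3}) (?P<size>\S+)'
    r'(?: "(?P<referer>[^"]*)" "(?P<agent>[^"]*)")?'
)

SAMPLE_LINES = [  # constructed sample input, not real traffic
    '10.0.0.5 - - [07/Jan/2005:10:00:01 -0800] "GET / HTTP/1.1" 200 512 "-" "Mozilla/4.0"',
    '10.0.0.6 - - [07/Jan/2005:10:00:02 -0800] "GET /admin HTTP/1.1" 403 221 "-" "curl/7.10"',
    '10.0.0.7 - - [07/Jan/2005:10:00:03 -0800] "POST /cgi-bin/x HTTP/1.1" 500 0 "-" "-"',
]


def parse_combined(line):
    """Return the fields of a combined-format line, or None if it does not match."""
    m = COMBINED_RE.match(line)
    return m.groupdict() if m else None


def severity_for(status):
    """Map an HTTP status code to a syslog severity (this example's own policy)."""
    code = int(status)
    if code >= 500:
        return SEVERITY["err"]
    if code >= 400:
        return SEVERITY["warning"]
    return SEVERITY["info"]


def syslog_frame(facility, severity, tag, msg, when=None):
    """Build an RFC 3164 frame: <PRI>TIMESTAMP HOSTNAME TAG: MSG, PRI = facility*8 + severity."""
    t = when or time.localtime()
    # RFC 3164 timestamp is "Mmm dd hh:mm:ss" with a space-padded day, e.g. "Jan  7 10:00:01".
    stamp = "%s %2d %s" % (time.strftime("%b", t), t.tm_mday, time.strftime("%H:%M:%S", t))
    msg = msg.replace("\r", " ").replace("\n", " ")  # a frame is exactly one line
    frame = "<%d>%s %s %s: %s" % (facility * 8 + severity, stamp, socket.gethostname(), tag, msg)
    return frame.encode("utf-8", "replace")[:1024]  # RFC 3164 caps a packet at 1024 bytes


def build_frames(lines, facility="local6", tag="httpd", when=None):
    """Frame every non-empty line; an unparsable line still goes out, as 'notice'."""
    fac = FACILITIES[facility]
    frames = []
    for line in lines:
        line = line.rstrip("\r\n")
        if not line:
            continue
        rec = parse_combined(line)
        sev = severity_for(rec["status"]) if rec else SEVERITY["notice"]
        frames.append(syslog_frame(fac, sev, tag, line, when))
    return frames


def main(server="127.0.0.1", port=514):
    """Read the piped log from stdin until Apache closes the pipe."""
    sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    try:
        for line in sys.stdin:  # one access-log line per request, as Apache writes them
            for frame in build_frames([line]):
                sock.sendto(frame, (server, port))
    finally:
        sock.close()


if __name__ == "__main__":
    main(sys.argv[1] if len(sys.argv) > 1 else "127.0.0.1")
```

Apache starts the piped program once at startup and restarts it if it exits, so the loop is deliberately simple and never raises on a bad line. UDP syslog offers neither delivery guarantees nor authentication, and the request line inside each frame is attacker-controlled text, so the log server has to treat it as untrusted input exactly as it would the file on disk; frames longer than 1024 bytes are truncated, which matters for very long request URIs.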

The war on leaked intellectual property

Posted in General Technologies

My article on “War on IP Leakage” has been posted on ComputerWorld.

January 6th, 2005 | Jian Zhen | 1 Comment

Another Windows Event Log to Syslog Util

Posted in General Technologies

Eventlog to Syslog Utility from Purdue University. The Eventlog to Syslog utility is a program that runs on Microsoft Windows NT, 2000, or 2003 server, monitoring eventlog messages. When a new message appears in the eventlog, it is read, formatted, and forwarded to a UNIX syslog server. Depending on the facility and priority of the [...]

January 6th, 2005 | Jian Zhen | No Comments

What you measure is what you get

Posted in General Technologies

SC Magazine has a new article today on measuring security performance. Five recommendations were made:
Recommendation #1 – Establish a Risk Baseline
Recommendation #2 – Conduct Real-Time Measurements of Changes in Risk Levels
Recommendation #3 – Benchmark the “Mean Time to Repair” for Security Problems
Recommendation #4 – Compare Baseline Information to Desired Outcome
Recommendation #5 [...]

January 5th, 2005 | Jian Zhen | No Comments