Security Basics mailing list archives
Re: Monitor IIS logs
From: "K. K. Mookhey (NII)" <cto () nii co in>
Date: Tue, 9 Sep 2003 09:09:00 +0530
Hi, You can check out the following site for info on log monitoring. http://www.counterpane.com/log-analysis.html Also, you can download our tool Log Analyzer, which is specifically written for IIS logs. The download zip contains a pattern file with common IIS attack patterns to scan for. Also given the log folder it will scan all files using wildcard matching. So you can use the date values within the log file names to scan only from a specific date onwards, etc. http://nii.co.in/research/tools.html Cheers, K. K. Mookhey CTO, Network Intelligence India Pvt. Ltd. Web: www.nii.co.in ================================= Security Auditing Software - AuditPro http://www.nii.co.in/products.html ================================= ----- Original Message ----- From: "Robert McIntyre" <robert.mcintyre () earthmail com> To: "Security-Basics (E-mail)" <security-basics () security-focus com> Sent: Tuesday, September 09, 2003 4:59 AM Subject: Monitor IIS logs
I am looking for some advice on monitoring IIS logs. Basically I could use some help on the following: 1. Important things to look for 2. Free utilities to help me search through the logs 3. Good references about web logs and how to spot an attack.
--------------------------------------------------------------------------------
--------------------------------------------------------------------------- Captus Networks Are you prepared for the next Sobig & Blaster? - Instantly Stop DoS/DDoS Attacks, Worms & Port Scans - Precisely Define and Implement Network Security - Automatically Control P2P, IM and Spam Traffic FIND OUT NOW - FREE Vulnerability Assessment Toolkit http://www.captusnetworks.com/ads/42.htm ----------------------------------------------------------------------------
--------------------------------------------------------------------------- Captus Networks Are you prepared for the next Sobig & Blaster? - Instantly Stop DoS/DDoS Attacks, Worms & Port Scans - Precisely Define and Implement Network Security - Automatically Control P2P, IM and Spam Traffic FIND OUT NOW - FREE Vulnerability Assessment Toolkit http://www.captusnetworks.com/ads/42.htm ----------------------------------------------------------------------------
Current thread:
- Monitor IIS logs Robert McIntyre (Sep 08)
- Re: Monitor IIS logs K. K. Mookhey (NII) (Sep 09)
- Re: Monitor IIS logs Phillip McCollum (Sep 09)
- Re: Monitor IIS logs Kelly Martin (Sep 09)