Security Basics mailing list archives

Re: Logging utility


From: Roman Werpachowski <roman () student ifpan edu pl>
Date: Fri, 6 Aug 2004 18:56:19 +0200

On Thursday, 5 August 2004 20:51, Roger A. Grimes wrote:
The real work is then building reports from the data and splicing the
events into more fields than the default syslog database allows.  Even
when you get all the data aggregated, different devices will report
(even the same events) differently.  For example, a Port scan may be
called two different things by two different devices and the filter
that identifies the port scan on one device will probably be different
than it is on another.  So the easy part is collecting and aggregating.
Making useful data and reports out of it is much more effort.

Is there any (open) standard on syslog entries format?

-- 
/* Roman Werpachowski */

This e-mail has been checked and
approved by Tintin the ferret.
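
The normalisation problem described in the quoted paragraph, as an added example that is not part of the original thread: two devices report the same port scan in different words, and per-device rules map both to one event name. The host names, message formats and sample lines are constructed for illustration; the header layout assumed is the BSD syslog style (`<PRI>timestamp host tag: message`).

```python
import re
from collections import Counter

# BSD-syslog style header: <PRI>Mmm dd hh:mm:ss host tag[pid]: message
HEADER = re.compile(
    r"^<(?P<pri>\d{1,3})>(?P<ts>[A-Z][a-z]{2} [ \d]\d \d\d:\d\d:\d\d) "
    r"(?P<host>\S+) (?P<tag>[^:\[\s]+)(?:\[\d+\])?: (?P<msg>.*)$"
)

# Per-device rules (hypothetical message formats): each maps a vendor-specific
# message to one shared event name and extracts the source address.
RULES = {
    "fw-a": [(re.compile(r"Port scan detected from (?P<src>[\d.]+)"), "port_scan")],
    "ids-b": [(re.compile(r"PORTSWEEP src=(?P<src>[\d.]+) "), "port_scan")],
}

def parse(line):
    """Split one syslog line into header fields; None if it does not match."""
    m = HEADER.match(line)
    if not m:
        return None
    pri = int(m["pri"])  # PRI = facility * 8 + severity
    return {"facility": pri >> 3, "severity": pri & 7, "timestamp": m["ts"],
            "host": m["host"], "tag": m["tag"], "msg": m["msg"]}

def normalize(line):
    """Return a device-independent record; event is 'unknown' if no rule fits."""
    rec = parse(line)
    if rec is None:
        return None
    rec["event"], rec["src"] = "unknown", None
    for pattern, event in RULES.get(rec["host"], []):
        m = pattern.search(rec["msg"])
        if m:
            rec["event"], rec["src"] = event, m["src"]
            break
    return rec

# Constructed sample lines (not real device output).
SAMPLES = [
    "<132>Aug  5 20:51:02 fw-a kernel: Port scan detected from 192.0.2.10",
    "<33>Aug  5 20:51:03 ids-b sensor[412]: PORTSWEEP src=192.0.2.10 ports=120",
    "<38>Aug  5 20:52:00 fw-a sshd[99]: Accepted password for admin",
]

def port_scan_report(lines):
    """Count port-scan events per source address across all devices."""
    events = filter(None, map(normalize, lines))
    return Counter(e["src"] for e in events if e["event"] == "port_scan")
```

Records left as `unknown` are the ones that still need a rule, which is where the reporting effort described above goes.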


