Re: syslog

[GuidoZ <uberguidoz () gmail com>]

I haven't personally used it, although some quick poking around on
Google turned up quite a few thoughts:
http://www.google.com/search?q=LogSurfer+review You're likely to find
some helpful information in there.

Looks like LogSurfer made it into a book from CERT
(http://www.apacheweek.com//features/book-certg.html). Some more
Googling could turn up the actual text of it. From the bits and pieces
I read, many people seem to like it alot.

Something else I love Google for, turning up people's bookmark backups:
 - http://www.cnetwork.com/~rhaskins/bookmarks.html
 - http://www.sevenseas.org/~adellam/bookmarks.html
 - http://www.ecst.csuchico.edu/~py/bookmarks.html

Yeah, LogSurfer is in all of them. =)

--
Peace. ~G


On Fri, 24 Sep 2004 15:07:41 -0400, Thomas Harris <tharris () andera com> wrote:
> Has anyone used logsurfer for this purpose?
>
> http://www.crypt.gen.nz/logsurfer/
>
> Anich, Ryan L wrote:
>
> > I am not sure how in depth you are planning to go with your strategy, but
> > this is what I am looking at for a solution for my company.
> >
> > http://www.arcsight.com/
> >
> >
> >
> > -----Original Message-----
> > From: Tran, Nhon [mailto:Nhon.Tran () logicacmg com]
> > Sent: Monday, September 20, 2004 2:36 AM
> > To: security-basics () securityfocus com
> > Subject: syslog
> >
> > Hi all
> > One of the companies I support wants to implement a syslog strategy for all
> > their infrasturcture devices.. Unix boxes, windows server, cisco comms
> > devices. To hopefully capture all the logs, we're talking about lots of
> > logs, their domain servers log about 300K items a day!.. Unix boxes log
> > heaps too about 70K per day per server!.. They have around 80 unix server,
> > 120 windows servers and about 150 comms devices.. Any idea what the best way
> > to go about this would be, also any suggestions of what log analysis
> > software to use?
> > Nhon