Security Basics mailing list archives

Re: Integrating logs from PIX, IIS and WAS


From: phunked up! <phunkodelic () gmail com>
Date: Thu, 27 Oct 2005 08:35:23 -0400

Go to www.logparser.com. Use that with a back-end database such as
MySQL or Microsoft SQL (Express is free), which will allow you to do
analysis of the logs. I am also doing the same sort of thing and am
using the above-mentioned tools.

On 10/26/05, Luis Angel Fernandez <lafernandez () matchmind es> wrote:


   Hello,

   I am investigating tools to integrate (store and analyze)
logs from different sources (Cisco PIX, IIS, WAS app server, syslog). The
goal is to be able to follow up on the behavior of a possible intruder
through a scenario based on those products. What is your method for
doing a forensic task like this? Which tools could help with this task?

   Regards.



