Security Basics mailing list archives
RE: Any research on log correlation and aggregation?
From: "Andrew Chong" <andrewjw () singnet com sg>
Date: Sat, 29 Oct 2005 01:36:05 +0800
A good Security Log Management book (Identifying Patterns in Chaos). http://www.sweetfantasy.biz/prod_details.aspx?AsinSearch=1597490423&type =heavy&f=xml Regards, Andrew Chong, cissp -----Original Message----- From: ricci [mailto:ricci () cs ust hk] Sent: Friday, October 28, 2005 8:55 AM To: security-basics () securityfocus com Subject: Any research on log correlation and aggregation? Hello All, I'm read some research paper about log correlation and aggregation of various logging facilities such as syslog, IDS and Firewall logs. Is there any research on correlation and aggregation? Is there any research on log aggregation through timestamp and any research on time synchronization? Is there any mechanism for correlating and aggregating logs which do not have time synchronization? Thx. Ricci
Current thread:
- Re: -Old_Address- Todays dumb question, (continued)
- Re: -Old_Address- Todays dumb question jayson . agagnier (Oct 27)
- Re: Todays dumb question Chris Clymer (Oct 27)
- Re: Todays dumb question Kelly Lucas (Oct 27)
- RE: Todays dumb question Vic N (Oct 27)
- Re: Todays dumb question Austin Murkland (Oct 27)
- RE: Todays dumb question Nick Willey (Oct 27)
- RE: Todays dumb question Andrew Chong (Oct 27)
- RE: Todays dumb question David Gillett (Oct 27)
- RE: Today's dumb question Herman Frederick Ebeling, Jr. (Oct 27)
- Any research on log correlation and aggregation? ricci (Oct 28)
- RE: Any research on log correlation and aggregation? Andrew Chong (Oct 31)
- Re: Any research on log correlation and aggregation? Fred Cohen (Oct 31)
- Any research on log correlation and aggregation? ricci (Oct 28)
- Re: Todays dumb question Micheal Espinola Jr (Oct 27)
- Re: Todays dumb question Gilbert Fernandes (Oct 27)
- Re: Todays dumb question Steven Meyer (Oct 28)
- Re: Todays dumb question jontaimanglo (Oct 27)
- RE: Todays dumb question Leigh Parsons (Oct 27)