Security Basics mailing list archives

RE: Log Analysis

From: "Hayes, Bill" <Bill.Hayes () owh com>
Date: Wed, 15 Nov 2006 16:01:10 -0600

Look at NIST 800-92 (draft), "Guide to Security Log Management",
sections 4.5, 5.3 and appendix A, "NIST SP 800-43 Recommendations
related to Log Management". This should give you some more ideas and
more sources for further research. 

Bill...

-----Original Message-----
From: listbounce () securityfocus com [mailto:listbounce () securityfocus com]
On Behalf Of he4h00ker () yahoo com
Sent: Tuesday, November 14, 2006 11:45 PM
To: security-basics () securityfocus com
Subject: Log Analysis

Hi All

I am trying to write a basic guidelines for Log Analysis. I have written
at certain level. Their are many types of logs like web-server logs,
firewall logs, nids logs etc. I want to know what exactly should be
includen in this guidelines. I am writting specific to web server.

So, I am seeking some information related to correlation. Is their any
guidelines already written on this topic.

Lara


------------------------------------------------------------------------
---
This list is sponsored by: Norwich University

EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE The NSA has
designated Norwich University a center of Academic Excellence in
Information Security. Our program offers unparalleled Infosec management
education and the case study affords you unmatched consulting
experience. 
Using interactive e-Learning technology, you can earn this esteemed
degree, without disrupting your career or home life.

http://www.msia.norwich.edu/secfocus
------------------------------------------------------------------------
---



---------------------------------------------------------------------------
This list is sponsored by: Norwich University

EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
The NSA has designated Norwich University a center of Academic Excellence
in Information Security. Our program offers unparalleled Infosec management
education and the case study affords you unmatched consulting experience.
Using interactive e-Learning technology, you can earn this esteemed degree,
without disrupting your career or home life.

http://www.msia.norwich.edu/secfocus
---------------------------------------------------------------------------

Current thread:

Log Analysis he4h00ker (Nov 15)
- Re: Log Analysis Kurt Buff (Nov 16)
- <Possible follow-ups>
- RE: Log Analysis Laundrup, Jens (Nov 15)
- RE: Log Analysis Hayes, Bill (Nov 15)