Firewall Wizards mailing list archives

Log analysis tools

From: Technical Incursion Countermeasures <lists () ticm com>
Date: Fri, 22 May 1998 20:19:12

Part of a paper I'm doing will give a list of log analysis tools  and thier
usefulness in audit situations.

But the interesting thing is that I don't seem to be able to find many log
analysis tools at all (maybe I'm using the wrong search string). 

In particular I'm looking for tools to analyse firewall logs, but ones that
analyse the syslog would be nice too.

Cheers,

Bret
Technical Incursion Countermeasures 
consulting () bwa net                      http://www.ticm.com/
ph: (+61)(08) 9454 2487(UTC+8 hrs)      fax: (+61)(08) 9454 6042

The Insider - a e'zine on Computer security
http://www.ticm.com/info/insider.html

Current thread:

Port scans to UDP 161 (SNMP) Max Euston (May 21)
- Re: Port scans to UDP 161 (SNMP) M. Dodge Mumford (May 22)
- Log analysis tools Technical Incursion Countermeasures (May 22)
- Re: Port scans to UDP 161 (SNMP) Mookie (May 22)
- Re: Port scans to UDP 161 (SNMP) Michael (May 22)
- <Possible follow-ups>
- Re: Port scans to UDP 161 (SNMP) Steve Bellovin (May 22)
- Re: Port scans to UDP 161 (SNMP) H. Morrow Long (May 22)
- RE: Port scans to UDP 161 (SNMP) Max Euston (May 28)