IDS mailing list archives
RE: Host based IDS Reports
From: "Bohling James CONT JBC" <james.bohling () JBC JFCOM MIL>
Date: Mon, 29 Dec 2003 09:21:36 -0500
Mike's reply was great and should be taken to heart. SQL is not that difficult to learn and should be in the security practitioners toolbox. -----Original Message----- From: Mike Lyman [mailto:mlyman-security () comcast net] Sent: Monday, December 22, 2003 11:59 PM To: focus-ids () securityfocus com Subject: Re: Host based IDS Reports On Sat, 2003-12-20 at 14:05, Teicher, Mark (Mark) wrote:
Thoughts, comments, rants, raves, suggestions for a geek who preaches from the corner soapbox.. :)
My old boss and I used to drive vendors nuts when they'd ask us how we liked their reporting features and we'd tell them we didn't use them. As long as the data was being reported to a database, we'd generate our own reports, import to Excel and pretty them up from there. None of the built in reports met our constantly changing needs so we relied on the database. We also stress SQL skills as one of our main requirements for new members of the team. We had so much data available that everybody had to be able to write ad-hoc queries in their sleep. It may takes some skill to pretty them up but nothing beats being able to generate exactly the info you need instead of relying on what somebody else thinks you probably need. -- Mike Lyman <mlyman-security () comcast net> ------------------------------------------------------------------------ --- ------------------------------------------------------------------------ --- --------------------------------------------------------------------------- ---------------------------------------------------------------------------
Current thread:
- Host based IDS Reports Teicher, Mark (Mark) (Dec 22)
- Re: Host based IDS Reports Mike Lyman (Dec 22)
- <Possible follow-ups>
- RE: Host based IDS Reports Teicher, Mark (Mark) (Dec 23)
- RE: Host based IDS Reports Bohling James CONT JBC (Dec 29)