Honeypots mailing list archives
Re: centralizing logs
From: Michael Boman <michael () ayeka dyndns org>
Date: Sat, 13 Mar 2004 23:43:22 +0800
On Thu, 2004-03-11 at 20:44, dcneting wrote:
> Is there any tool (open source/commercial) that can be used to centralize every log into one database? I'm using a lot of tools here like Ethereal, tcpdump, Snort... bla bla bla... so it is hard for me to see the logs one by one...
The IDMEF proposed standard (latest version available at ftp://ftp.ietf.org/internet-drafts/draft-ietf-idwg-idmef-xml-11.txt) is the work to create such an integration. So far I only know of Prelude (http://www.prelude-ids.org) that actually uses it against a database, but there are other tools using IDMEF as a means to report events.

--
Michael Boman
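The reply above describes the idea behind IDMEF: every sensor emits alerts in one XML schema, so a single collector can store them in one database. The following is an added example written for this archive page, not code from the post, from Prelude, or from the IDMEF draft. It parses the common fields of an IDMEF Alert (Analyzer, CreateTime, Source/Target addresses, Classification), skips Heartbeat messages, and loads the result into a SQLite table keyed on messageid so that a resent alert is not stored twice. The namespace `http://iana.org/idmef` is assumed from the RFC 4765 form of the draft, and the three messages in `SAMPLE_MESSAGES` are constructed sample input, not captured sensor output.

```python
"""Normalise IDMEF alerts from several sensors into one SQLite table.

Added example for the mailing-list thread; not Prelude's code and not taken
from the IDMEF draft. The namespace below is assumed (RFC 4765 form).
"""
import sqlite3
import xml.etree.ElementTree as ET

IDMEF_NS = "http://iana.org/idmef"   # assumed; adjust if a sensor emits another
NS = {"idmef": IDMEF_NS}

# Constructed sample input: two alerts from different sensors about the same
# source host, plus one heartbeat that carries no alert data.
SAMPLE_MESSAGES = [
    """<idmef:IDMEF-Message version="1.0" xmlns:idmef="http://iana.org/idmef">
  <idmef:Alert messageid="snort-0001">
    <idmef:Analyzer analyzerid="snort-dmz" model="Snort"/>
    <idmef:CreateTime>2004-03-13T15:43:22Z</idmef:CreateTime>
    <idmef:Source><idmef:Node><idmef:Address category="ipv4-addr">
      <idmef:address>192.0.2.50</idmef:address></idmef:Address></idmef:Node></idmef:Source>
    <idmef:Target><idmef:Node><idmef:Address category="ipv4-addr">
      <idmef:address>198.51.100.7</idmef:address></idmef:Address></idmef:Node>
      <idmef:Service><idmef:port>22</idmef:port></idmef:Service></idmef:Target>
    <idmef:Classification text="SSH brute force"/>
  </idmef:Alert>
</idmef:IDMEF-Message>""",
    """<idmef:IDMEF-Message version="1.0" xmlns:idmef="http://iana.org/idmef">
  <idmef:Alert messageid="lml-0042">
    <idmef:Analyzer analyzerid="lml-web" model="Prelude-LML"/>
    <idmef:CreateTime>2004-03-13T15:43:30Z</idmef:CreateTime>
    <idmef:Source><idmef:Node><idmef:Address category="ipv4-addr">
      <idmef:address>192.0.2.50</idmef:address></idmef:Address></idmef:Node></idmef:Source>
    <idmef:Target><idmef:Node><idmef:Address category="ipv4-addr">
      <idmef:address>198.51.100.9</idmef:address></idmef:Address></idmef:Node></idmef:Target>
    <idmef:Classification text="Web scanner user-agent"/>
  </idmef:Alert>
</idmef:IDMEF-Message>""",
    """<idmef:IDMEF-Message version="1.0" xmlns:idmef="http://iana.org/idmef">
  <idmef:Heartbeat messageid="hb-0001">
    <idmef:Analyzer analyzerid="snort-dmz"/>
    <idmef:CreateTime>2004-03-13T15:44:00Z</idmef:CreateTime>
  </idmef:Heartbeat>
</idmef:IDMEF-Message>""",
]


def parse_alert(xml_text):
    """Return the normalised fields of one IDMEF Alert, or None for a
    message that carries no Alert (e.g. a Heartbeat).

    Sensor output is untrusted input. The stdlib parser does not fetch
    external entities, but a production collector should reject DTDs
    outright (for example with the defusedxml package)."""
    root = ET.fromstring(xml_text)
    if root.tag != "{%s}IDMEF-Message" % IDMEF_NS:
        raise ValueError("not an IDMEF message: %r" % root.tag)
    alert = root.find("idmef:Alert", NS)
    if alert is None:
        return None
    analyzer = alert.find("idmef:Analyzer", NS)
    classification = alert.find("idmef:Classification", NS)
    port = alert.findtext("idmef:Target/idmef:Service/idmef:port", namespaces=NS)
    return {
        "messageid": alert.get("messageid"),
        "analyzerid": analyzer.get("analyzerid") if analyzer is not None else None,
        "create_time": alert.findtext("idmef:CreateTime", namespaces=NS),
        "source_addr": alert.findtext(
            "idmef:Source/idmef:Node/idmef:Address/idmef:address", namespaces=NS),
        "target_addr": alert.findtext(
            "idmef:Target/idmef:Node/idmef:Address/idmef:address", namespaces=NS),
        "target_port": int(port) if port else None,
        "classification": classification.get("text") if classification is not None else None,
    }


def load_alerts(messages, conn=None):
    """Insert every Alert in `messages` into the alerts table. Returns
    (connection, number of rows actually inserted); a message with an
    already-seen messageid is ignored rather than stored twice."""
    conn = conn or sqlite3.connect(":memory:")
    conn.execute("""CREATE TABLE IF NOT EXISTS alerts (
        messageid TEXT PRIMARY KEY, analyzerid TEXT, create_time TEXT,
        source_addr TEXT, target_addr TEXT, target_port INTEGER,
        classification TEXT)""")
    inserted = 0
    for msg in messages:
        rec = parse_alert(msg)
        if rec is None:
            continue
        cur = conn.execute(
            "INSERT OR IGNORE INTO alerts VALUES (:messageid, :analyzerid, "
            ":create_time, :source_addr, :target_addr, :target_port, :classification)",
            rec)
        inserted += cur.rowcount
    conn.commit()
    return conn, inserted


def alerts_by_source(conn):
    """Cross-sensor view: how many alerts each source address produced."""
    return conn.execute(
        "SELECT source_addr, COUNT(*) AS n FROM alerts "
        "GROUP BY source_addr ORDER BY n DESC, source_addr").fetchall()


if __name__ == "__main__":
    db, n = load_alerts(SAMPLE_MESSAGES)
    print("inserted", n, "alerts;", alerts_by_source(db))
```

The point of the last query is the one the original question is really about: once Snort and a log monitor both report through the same schema, a single GROUP BY over one table shows that both sensors saw the same source host, which no amount of reading each tool's log "one by one" would make obvious.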