Security Basics mailing list archives

Re: Any good log analysis/forensics tools?


From: Ty Bodell <tebodell () gmail com>
Date: Wed, 6 Apr 2005 19:51:41 -0500

Ricci--
1.) Try WebHistorian from www.red-cliff.com for browser history, but
if by "web log" you mean webserver logs you can probably just script
something up, or if you've got Apache then I'd recommend the tools
package at apachesecurity.net
(http://apachesecurity.net/tools/index.html) and the logscan script.

3.) For a forensics framework see the Computer Crime Investigation
Framework (CCIF) from www.oissg.org (it's been down for a day or two,
not sure why, but bookmark it and keep trying.)

HTH,
Tebodell

On Apr 5, 2005 7:51 PM, ricci <ricci () cs ust hk> wrote:
Hello All,

        I'm trying to test some good log analysis and forensics tools, can you give
me some idea?

        1. Are there any recommended web log analysis tools? Are there any tools with
forensics investigation and vulnerability identification features?

        2. Are there any recommended Lotus Notes log analysis tools?

        3. Any comments on OSSIM? Is OSSIM working well? What kind of forensics
features has it provided?

        Thanks.

Ricci
