Security Basics mailing list archives
Re: Integrating logs from PIX, IIS and WAS
From: Luis Fernandez <lafernandez () matchmind es>
Date: Thu, 27 Oct 2005 17:05:51 +0200
I'm going to probe what it's able of; how many time do you think this project will have the microsoft anagram? It looks a good start from Microsoft for get this piece of market too. What will think sites like LogLogic, ArcSight and GuardedNet about it? Thanks for your contribution. phunked up! wrote:
Go to www.logparser.com. Use that with a back end database such as MySQL or micorosft Sql (express is free) which will allow you to do analysis of the logs. I am also doing the same sort of thing and am using the above mentioned tools. On 10/26/05, Luis Angel Fernandez <lafernandez () matchmind es> wrote: Hello, I am investigating about tools for integrate (store and analysis) logs from different souces (Cisco PIX, IIS, WAS app server, syslog). The goal is be able of follow up a the behavior of a possible intruder throught a scenario based on that products. Which is your method for doing a forensic task like this? Which tools could help for this task? Regards.
Current thread:
- Integrating logs from PIX, IIS and WAS Luis Angel Fernandez (Oct 26)
- Re: Integrating logs from PIX, IIS and WAS phunked up! (Oct 27)
- Re: Integrating logs from PIX, IIS and WAS Luis Fernandez (Oct 27)
- RE: Integrating logs from PIX, IIS and WAS Brian Loe (Oct 28)
- Re: Integrating logs from PIX, IIS and WAS Ivan . (Oct 27)
- <Possible follow-ups>
- RE: Integrating logs from PIX, IIS and WAS Andrew Williams (Oct 28)
- Re: Integrating logs from PIX, IIS and WAS phunked up! (Oct 28)
- Re: Integrating logs from PIX, IIS and WAS phunked up! (Oct 27)