Security Basics mailing list archives
Re: Any research on log correlation and aggregation?
From: Fred Cohen <fred.cohen () all net>
Date: Fri, 28 Oct 2005 10:56:01 -0700
You might start with an old one but a goo done. http://all.net/ => InfoSec Baseline Studies => Intrusion Detection and Response On Oct 27, 2005, at 5:55 PM, ricci wrote:
Hello All, I'm read some research paper about log correlation and aggregation ofvarious logging facilities such as syslog, IDS and Firewall logs. Is there any research on correlation and aggregation? Is there any research on log aggregation through timestamp and any research on time synchronization? Is there any mechanism for correlating and aggregating logs which do not havetime synchronization? Thx. Ricci
-- This communication is confidential to the parties it is intended to serve --
Security Posture securityposture.com tel/fax University of New Haven unhca.com 925-454-0171 Fred Cohen & Associates all.net 572 Leona Drive Security Management Partners policygeeks.com Livermore, CA 94550
Current thread:
- Re: Todays dumb question, (continued)
- Re: Todays dumb question Chris Clymer (Oct 27)
- Re: Todays dumb question Kelly Lucas (Oct 27)
- RE: Todays dumb question Vic N (Oct 27)
- Re: Todays dumb question Austin Murkland (Oct 27)
- RE: Todays dumb question Nick Willey (Oct 27)
- RE: Todays dumb question Andrew Chong (Oct 27)
- RE: Todays dumb question David Gillett (Oct 27)
- RE: Today's dumb question Herman Frederick Ebeling, Jr. (Oct 27)
- Any research on log correlation and aggregation? ricci (Oct 28)
- RE: Any research on log correlation and aggregation? Andrew Chong (Oct 31)
- Re: Any research on log correlation and aggregation? Fred Cohen (Oct 31)
- Any research on log correlation and aggregation? ricci (Oct 28)
- Re: Todays dumb question Micheal Espinola Jr (Oct 27)
- Re: Todays dumb question Gilbert Fernandes (Oct 27)
- Re: Todays dumb question Steven Meyer (Oct 28)
- Re: Todays dumb question jontaimanglo (Oct 27)
- RE: Todays dumb question Leigh Parsons (Oct 27)