RE: syslog

• Previous message: Steve: "Re: free hIDS, or system assessment tools"
• Maybe in reply to: Tran, Nhon: "syslog"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Fri, 24 Sep 2004 14:53:00 -0400
To: "Tran, Nhon" <Nhon.Tran@logicacmg.com>, <security-basics@securityfocus.com>

You can look into Intellitactics, which basically is a correlation engine

-----Original Message-----
From: Tran, Nhon [mailto:Nhon.Tran@logicacmg.com]
Sent: Monday, September 20, 2004 3:36 AM
To: security-basics@securityfocus.com
Subject: syslog

Hi all
One of the companies I support wants to implement a syslog strategy for all
their infrasturcture devices.. Unix boxes, windows server, cisco comms
devices. To hopefully capture all the logs, we're talking about lots of
logs, their domain servers log about 300K items a day!.. Unix boxes log
heaps too about 70K per day per server!.. They have around 80 unix server,
120 windows servers and about 150 comms devices.. Any idea what the best way
to go about this would be, also any suggestions of what log analysis
software to use?
Nhon

This e-mail and any attachment is for authorised use by the intended recipient(s) only. It may contain proprietary material, confidential information and/or be subject to legal privilege. It should not be copied, disclosed to, retained or used by, any other party. If you are not an intended recipient then please promptly delete this e-mail and any attachment and all copies and inform the sender. Thank you.

---------------------------------------------------------------------------
Computer Forensics Training at the InfoSec Institute. All of our class sizes
are guaranteed to be 12 students or less to facilitate one-on-one
interaction with one of our expert instructors. Gain the in-demand skills of
a certified computer examiner, learn to recover trace data left behind by
fraud, theft, and cybercrime perpetrators. Discover the source of computer
crime and abuse so that it never happens again.

http://www.infosecinstitute.com/courses/computer_forensics_training.html
----------------------------------------------------------------------------

• Previous message: Steve: "Re: free hIDS, or system assessment tools"
• Maybe in reply to: Tran, Nhon: "syslog"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages RE: syslog ... Unix boxes, windows server, cisco comms ... heaps too about 70K per day per server!.. ... (Security-Basics) syslog ... Unix boxes, windows server, cisco comms ... heaps too about 70K per day per server!.. ... (Security-Basics) Re: ZOT Print Server.... ... >> I looked quickly at the link and this seems to be a standard network ... >> server. ... >> for both my unix boxes and windows boxes without samba. ... All my windows machines can print to all as can the unix boxes. ... (freebsd-questions) RE: syslog ... Unix boxes, windows server, cisco comms ... heaps too about 70K per day per server!.. ... Computer Forensics Training at the InfoSec Institute. ... All of our class sizes ... (Security-Basics) How to distribute passwords at install time ... I'm currently setting up a new infrastructure for a bunch of Unix boxes ... Now when installing Samba, ... the machine doesn't have any SSH trust set up. ... the management/install server watch the output of faimond, ... (comp.unix.misc)