Re: Any research on log correlation and aggregation?
From: Fred Cohen (fred.cohen_at_all.net)
Date: 10/28/05
- In reply to: ricci: "Any research on log correlation and aggregation?"
Date: Fri, 28 Oct 2005 10:56:01 -0700 To: <ricci@cs.ust.hk>
You might start with an old one but a good one.
http://all.net/
=> InfoSec Baseline Studies
=> Intrusion Detection and Response
On Oct 27, 2005, at 5:55 PM, ricci wrote:
> Hello All,
>
> I've read some research papers about log correlation and aggregation of
> various logging facilities such as syslog, IDS and Firewall logs. Is there
> any research on correlation and aggregation? Is there any research on log
> aggregation through timestamp and any research on time synchronization? Is
> there any mechanism for correlating and aggregating logs which do not have
> time synchronization?
>
> Thx.
>
> Ricci
>
>
>
-- This communication is confidential to the parties it is intended to serve --
Security Posture securityposture.com tel/fax
University of New Haven unhca.com 925-454-0171
Fred Cohen & Associates all.net 572 Leona Drive
Security Management Partners policygeeks.com Livermore, CA 94550