SEARCH RESULTS
 
Showing 1-10 of 19 records
 
Software and SoftwareVersion in Syslog?

2008-02-25 17:00:00 by Dr Anton Chuvakin in Anton Chuvakin Blog -
 
...syslog IETF draft "The syslog Protocol draft-ietf-syslog-protocol-23" ( here ) enlightens its readers that it now has "structured data elements, which can be used to transmit easily parseable, structured information and allows for vendor extensions." Wow, amazing! Have you ever seen a syslog entry that had "enterpriseId", "software",...

TCP Syslog =/= Reliable?

2008-04-03 13:28:00 by Dr Anton Chuvakin in Anton Chuvakin Blog -
 
...syslog Is there a need for a "more reliable" TCP with application-level ACKs? Maybe ... but not in the world where UDP syslog is still king. About me: http://www.chuvakin.org

Syslog-NG Folks Ready to Take Over the World?

2008-03-12 23:36:00 by Dr Anton Chuvakin in Anton Chuvakin Blog -
 
...syslog-ng, seems to have developed larger plans: taking over the world of logging. In this post called "A silent explosion", they say: "At first sight, logging infrastructure might seem simple, and log management trivial. This might have been true in the past, but nowadays it is unarguably a process of strategic importance, and not only...

Say When - Trusting Log Timestamps

2008-03-23 04:05:00 by Dr Anton Chuvakin in Anton Chuvakin Blog -
 
...syslog, Windows event logs, database audit tables, proprietary ones, contain a timestamp . In fact, once I saw somebody use a timestamp to define logs as "timed records of IT activity." So, time is critical for logs being, well, logs :-) At this point it is worthwhile to note that file-based logs will contain a timestamp IN the file, while...
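The first result above ("Software and SoftwareVersion in Syslog?") and this one on timestamps both come down to what a collector can actually recover from a syslog line: the draft quoted there (published as RFC 5424) defines structured data elements, including an "origin" SD-ID whose parameters are ip, enterpriseId, software and swVersion, and every line carries a sender-supplied timestamp that the collector has to decide whether to believe. The Python below is an added example, not code from any of the listed posts: it parses an RFC 5424 header and its SD-ELEMENTs (with the backslash escapes the RFC allows in parameter values), pulls the origin identity, and compares the sender's timestamp against the collector's own receipt time to flag stale, future-dated or missing timestamps. The sample lines, hostnames and receipt time are constructed for the example; 32473 is the enterprise number RFC 5424 reserves for documentation.

```python
"""RFC 5424 syslog parsing plus a sender-timestamp sanity check.
Added example for this page; not code from the posts listed here."""
import re
from datetime import datetime, timedelta, timezone

# RFC 5424 header: <PRI>VERSION SP TIMESTAMP SP HOSTNAME SP APP-NAME SP PROCID SP MSGID SP SD [SP MSG]
HEADER_RE = re.compile(
    r"^<(?P<pri>\d{1,3})>(?P<version>\d{1,2}) (?P<ts>\S+) (?P<host>\S+) "
    r"(?P<app>\S+) (?P<procid>\S+) (?P<msgid>\S+) (?P<rest>.*)$",
    re.S,
)
# One SD-ELEMENT: [SD-ID PARAM-NAME="PARAM-VALUE" ...]; a value escapes " \ and ] with a backslash
SD_ELEMENT_RE = re.compile(r'\[([^ =\]"]+)((?: [^ =\]"]+="(?:[^"\\]|\\.)*")*)\]')
SD_PARAM_RE = re.compile(r'([^ =\]"]+)="((?:[^"\\]|\\.)*)"')


def unescape_param(value):
    """Undo the three PARAM-VALUE escapes defined by RFC 5424."""
    return re.sub(r'\\([\\"\]])', r'\1', value)


def parse_structured_data(rest):
    """Split STRUCTURED-DATA from MSG. Returns ({sd-id: {name: value}}, msg)."""
    if rest.startswith("-"):                      # NILVALUE: no structured data at all
        return {}, rest[1:].lstrip(" ")
    sd, pos = {}, 0
    while pos < len(rest) and rest[pos] == "[":
        m = SD_ELEMENT_RE.match(rest, pos)
        if not m:
            raise ValueError("malformed SD-ELEMENT at offset %d" % pos)
        sd[m.group(1)] = {k: unescape_param(v) for k, v in SD_PARAM_RE.findall(m.group(2))}
        pos = m.end()
    return sd, rest[pos:].lstrip(" ")


def parse_timestamp(ts):
    """RFC 5424 TIMESTAMP (an RFC 3339 subset) or NILVALUE '-' -> aware datetime or None."""
    if ts == "-":
        return None
    return datetime.fromisoformat(ts.replace("Z", "+00:00"))


def parse_syslog(line):
    m = HEADER_RE.match(line)
    if not m:
        raise ValueError("not an RFC 5424 message")
    pri = int(m.group("pri"))
    sd, msg = parse_structured_data(m.group("rest"))
    return {
        "facility": pri // 8, "severity": pri % 8,   # PRI = facility * 8 + severity
        "timestamp": parse_timestamp(m.group("ts")),
        "host": m.group("host"), "app": m.group("app"),
        "procid": m.group("procid"), "msgid": m.group("msgid"),
        "sd": sd, "msg": msg,
    }


def check_timestamp(sender_ts, received_at, max_skew=timedelta(minutes=5)):
    """Compare the sender's claimed time with the collector's receipt time.
    Returns (verdict, skew_seconds); positive skew means the sender's clock is behind."""
    if sender_ts is None:
        return "missing", None
    skew = (received_at - sender_ts).total_seconds()
    if abs(skew) > max_skew.total_seconds():
        return ("future" if skew < 0 else "stale"), skew
    return "ok", skew


def origin_software(event):
    """Vendor identity from the 'origin' SD-ID (RFC 5424 section 7.2), if present."""
    o = event["sd"].get("origin", {})
    return o.get("enterpriseId"), o.get("software"), o.get("swVersion")


# Constructed sample input (hostnames and times are made up for this example).
SAMPLE_LINES = [
    '<165>1 2008-02-25T17:00:00.003Z mymachine.example.com evntslog - ID47 '
    '[origin ip="192.0.2.1" enterpriseId="32473" software="evntslog" swVersion="1.2"]'
    '[exampleSDID@32473 iut="3" eventSource="Application"] An application event log entry',
    '<34>1 2008-02-24T16:59:00Z router1 kernel - - - Link down on eth0',   # clock a day behind
    '<13>1 - appsrv01 billing 4711 - [meta note="no clock \\"yet\\""] Starting up',  # no timestamp
]
RECEIVED_AT = datetime(2008, 2, 25, 17, 0, 2, tzinfo=timezone.utc)  # constructed receipt time


def triage(lines, received_at=RECEIVED_AT):
    """For each line: (host, (enterpriseId, software, swVersion), timestamp verdict, skew)."""
    out = []
    for line in lines:
        ev = parse_syslog(line)
        verdict, skew = check_timestamp(ev["timestamp"], received_at)
        out.append((ev["host"], origin_software(ev), verdict, skew))
    return out


if __name__ == "__main__":
    for row in triage(SAMPLE_LINES):
        print(row)
```

The receipt time is the one clock the collector controls, which is why the check is made against it rather than against the sender's claim; older RFC 3164-style lines carry no year and no time zone at all, so for those the receipt time is the only usable timestamp and the sender's value is at best a hint.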
 
 
 
 
 
Logging Poll #6 "Which Logs Do You LOOK At?" Analysis

2008-03-06 15:01:00 by Dr Anton Chuvakin in Anton Chuvakin Blog -
...syslog, Web server logs, Firewall logs. How does that compare with the top 3 log types that people collect (see the picture showing results from my previous poll below)? These are: Unix/Linux server syslog, Firewall logs, Web server logs. Huh? They are the same - doesn't it just make sense? What are the possibilities here? a. People only collect the logs...

Windows Log Collection Poll Analysis

2008-04-02 16:46:00 by Dr Anton Chuvakin in Anton Chuvakin Blog -
...syslog is the next popular (after 'Other'). This is definitely what I expected. Snare is a safe choice that everybody knows (but it is an agent). Third, 'voting "no"' (i.e. 'We don't collect windows logs centrally') is next; in fact, it is not statistically different from the previous choice: Snare. This reflects the sad reality of Windows...

Logging, Correlation and IT Search: An Analogy

2008-06-06 17:00:00 by JJ in Security Uncorked
...Syslog server). The doors, windows and other portals to the outside are also creating events and logging each time they're opened, closed, locked or broken and, they too, are sending their info to the toaster. Here's where life in your house gets interesting. Let's figure out what's normal: it's probably normal for your husband to come home, do...

Logging Poll #3 "What Do You Do With Logs?" Analysis

2007-12-07 09:19:00 by Dr Anton Chuvakin in Anton Chuvakin Blog -
...syslog servers and never touch them. That is why being in the log management business is such a great thing: you have nearly the whole world to evangelize about the value of logs and log management tools. Third, what's the next most popular idea of analyzing logs? It is "Run my own log analysis tool" at 10% of the respondents. Indeed, the movement...

My 2008 Security Predictions!

2008-01-09 15:42:00 by Dr Anton Chuvakin in Anton Chuvakin Blog -
 
...syslog, Windows event logs and firewall logs are collected and analyzed today by just about everybody. Application logging will start = yes. People will start collecting (at least collecting at first) application logs, not just firewall and server OS logs (and database logs, as mentioned above). Maybe ERP, CRM logs, maybe other large...