Home page logo
/

basics logo Security Basics mailing list archives

Re: syslog
From: Ramon Kagan <rkagan () yorku ca>
Date: Mon, 27 Sep 2004 12:58:28 -0400 (EDT)

HI,

I've been using logsurfer for the past 4 years and it is an excellent
tool.  I must be honest though that I'm looking at logsurfer+ right now
since it adds some much appreciated features.  Nonetheless they are the
same product, just a resurrection.  I haven't found a better log parsing
tool yet.  BTW, we scan about 0.4-0.7GB daily in real time.

Ramon Kagan
York University, Computing and Network Services
Information Security  -  Senior Information Security Analyst
(416)736-2100 #20263
rkagan () yorku ca

-----------------------------------   ------------------------------------
I have not failed.  I have just        I don't know the secret to success,
found 10,000 ways that don't work.     but the secret to failure is
                                       trying to please everybody.
        - Thomas Edison                         - Bill Cosby
-----------------------------------   ------------------------------------

On Fri, 24 Sep 2004, Thomas Harris wrote:

Has anyone used logsurfer for this purpose?

http://www.crypt.gen.nz/logsurfer/



Anich, Ryan L wrote:

I am not sure how in depth you are planning to go with your strategy, but
this is what I am looking at for a solution for my company.

http://www.arcsight.com/



-----Original Message-----
From: Tran, Nhon [mailto:Nhon.Tran () logicacmg com]
Sent: Monday, September 20, 2004 2:36 AM
To: security-basics () securityfocus com
Subject: syslog

Hi all
One of the companies I support wants to implement a syslog strategy for all
their infrasturcture devices.. Unix boxes, windows server, cisco comms
devices. To hopefully capture all the logs, we're talking about lots of
logs, their domain servers log about 300K items a day!.. Unix boxes log
heaps too about 70K per day per server!.. They have around 80 unix server,
120 windows servers and about 150 comms devices.. Any idea what the best way
to go about this would be, also any suggestions of what log analysis
software to use?
Nhon

This e-mail and any attachment is for authorised use by the intended
recipient(s) only. It may contain proprietary material, confidential
information and/or be subject to legal privilege. It should not be copied,
disclosed to, retained or used by, any other party. If you are not an
intended recipient then please promptly delete this e-mail and any
attachment and all copies and inform the sender. Thank you.

---------------------------------------------------------------------------
Computer Forensics Training at the InfoSec Institute. All of our class sizes
are guaranteed to be 12 students or less to facilitate one-on-one
interaction with one of our expert instructors. Gain the in-demand skills of
a certified computer examiner, learn to recover trace data left behind by
fraud, theft, and cybercrime perpetrators. Discover the source of computer
crime and abuse so that it never happens again.

http://www.infosecinstitute.com/courses/computer_forensics_training.html
----------------------------------------------------------------------------

---------------------------------------------------------------------------
Computer Forensics Training at the InfoSec Institute. All of our class sizes
are guaranteed to be 12 students or less to facilitate one-on-one
interaction with one of our expert instructors. Gain the in-demand skills of
a certified computer examiner, learn to recover trace data left behind by
fraud, theft, and cybercrime perpetrators. Discover the source of computer
crime and abuse so that it never happens again.

http://www.infosecinstitute.com/courses/computer_forensics_training.html
----------------------------------------------------------------------------







  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]