Home page logo

basics logo Security Basics mailing list archives

Log Management Application
From: "Johnston Mark (UK)" <Mark.Johnston () O2 COM>
Date: Tue, 13 Mar 2007 11:07:07 -0000

Hey there guys,

I'm interested in finding out some info from those of you that use Log
management applications (e.g. log logic, net forensics). Having a look
at OS audit logs, I assume that you had to go through a process of
turning on and configuring each OS to produce audit logs for the
management log system.

Did you guys turn on everything, and let the log management app handle
the aggregation and normalisation or was it more a case you only turned
on what you wanted to have a look at and then send that to the log
management app.

Also how did you configure the logging on the OS? Taking a look at RHEL,
you can configure it in multiple ways like using -k for prefixes. How
does the log management app handle this? Or do they give you a specified
format that the audit needs to be setup in.


This electronic message contains information from O2 which may be privileged or confidential. The information is 
intended to be for the use of the individual(s) or entity named above. If you are not the intended recipient be aware 
that any disclosure, copying distribution or use of the contents of this information is prohibited. If you have 
received this electronic message in error, please notify us by telephone or email (to the numbers or address below) 
O2 (UK) Limited 260 Bath Road, Slough, Berkshire SL1 4DX Registered in England and Wales: 1743099. VAT number: GB 778 
6037 85

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]