Honeypots mailing list archives

Re: centralizing logs
From: Michael Boman <michael () ayeka dyndns org>
Date: Sat, 13 Mar 2004 23:43:22 +0800

On Thu, 2004-03-11 at 20:44, dcneting wrote:
> Is there any tool (open source/commercial) that can be used to centralize
> every log into 1 database? I'm using a lot of tools here like ethereal,
> tcpdump, snort... bla bla bla... so it is hard for me to see the logs one by
> one...

The IDMEF proposed standard (latest version available at
ftp://ftp.ietf.org/internet-drafts/draft-ietf-idwg-idmef-xml-11.txt) is
the work to create such an integration.

So far I only know of Prelude (http://www.prelude-ids.org) that is actually
using it against a database, but there are other tools using IDMEF as
a means to report events.

-- 
Michael Boman
