Home page logo

pen-test logo Penetration Testing mailing list archives

Re: [PEN-TEST] Audit package
From: Richard Hutchinson <Richard.Hutchinson () OAG STATE TX US>
Date: Thu, 28 Sep 2000 07:10:19 -0600


I have been using a program for the last year or two to analyze data, to include audit log programs.  It will take a 
text file, ODBC compliant database file, ASCII, PCASCII, EBCDIC, etc. and read the data into a format you can filter in 
any manner you want, such as a particular userID.  It is a really sophisticated query program built specifically for 
auditing large data files.  The name is Audit Command Language.  They have a demo version that will take a small file 
(48k) and do all the things the full blown program will.  You can check it out at www.acl.com, if your are interested.

Richard Hutchinson, CISA, CIA
IS Audit Manager
Internal Audit Division
Texas Office of the Attorney General
E-Mail:  richard.hutchinson () oag state tx us

graham_michael () HOTMAIL COM 27 September, 2000 >>>
I hope this is the right sort of question.

Does anyone know of a package/application that uses the info created in the
Audit log of say NT or UNIX and enables administrators to drill down and get
info about users' movements like if someone is accessing loads of sensitive
files/directories on a given day etc.

The reason I ask is this, the Audit log doles out loads of info however I
want to be able to interrogate it and apply particular search routines to
it, to get that salient info only.



Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com.

Share information about yourself, create your own public profile at

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]