Re: Any research on log correlation and aggregation?

[Mark Ryan del Moral Talabis <talabis () gmail com>]

Hi, I don't know if this will help. There's a company called LogLogic
that has a product which focuses primarily on log management. They
have some corresponding research regarding it. Here's a link to their
white papers section:

http://www.loglogic.com/resources/white-papers/

Ryan Talabis
Philippine Honeynet Project
http://www.philippinehoneynet.org


On 10/28/05, ricci <ricci () cs ust hk> wrote:
> Hello All,
>
> I'm read some research paper about log correlation and aggregation of
> various logging facilities such as syslog, IDS and Firewall logs. Is there
> any research on correlation and aggregation? Is there any research on log
> aggregation through timestamp and any research on time synchronization? Is
> there any mechanism for correlating and aggregating logs which do not have
> time synchronization?
>
> Thx.
>
> Ricci