Log Management Application

["Johnston Mark (UK)" <Mark.Johnston () O2 COM>]

Hey there guys,

I'm interested in finding out some info from those of you that use Log
management applications (e.g. log logic, net forensics). Having a look
at OS audit logs, I assume that you had to go through a process of
turning on and configuring each OS to produce audit logs for the
management log system.

Did you guys turn on everything, and let the log management app handle
the aggregation and normalisation or was it more a case you only turned
on what you wanted to have a look at and then send that to the log
management app.

Also how did you configure the logging on the OS? Taking a look at RHEL,
you can configure it in multiple ways like using -k for prefixes. How
does the log management app handle this? Or do they give you a specified
format that the audit needs to be setup in.

Cheers
Mark



This electronic message contains information from O2 which may be privileged or confidential. The information is 
intended to be for the use of the individual(s) or entity named above. If you are not the intended recipient be aware 
that any disclosure, copying distribution or use of the contents of this information is prohibited. If you have 
received this electronic message in error, please notify us by telephone or email (to the numbers or address below) 
immediately.
O2 (UK) Limited 260 Bath Road, Slough, Berkshire SL1 4DX Registered in England and Wales: 1743099. VAT number: GB 778 
6037 85