Logging
How to perform network-wide security event log monitoring
This white paper explains the need to monitor security event logs network-wide and how you can achieve this using GFI LANguard S.E.L.M. It is written by Randy Franklin Smith, author ...
Written by: GFI Software and added on Jan. 19, 2011
Remote Syslogging - A Primer
The syslog daemon is a very versatile tool that should never be overlooked under any circumstances. The facility itself provides a wealth of information regarding the local system that it ...
Written by: Armando Ortiz and added on March 15, 2011
Logfile Analysis: Identifying a Network Attack
This paper presents an in-depth look into what an automated network attack looks like in the logfiles to better understand the attacks "after-the-fact". I will analyze two different attacks: one ...
Document added on June 27, 2011
Importance of Understanding Logs from an Information Security Standpoint
Information Security has many facets and branches, but to really understand what is going on in this new world, you need the ability to read, translate, and understand the wide ...
Written by: Stewart Allen and added on June 16, 2011
Effective Logging & Use of the Kiwi Syslog Utility
This paper will familiarize the reader with the basics of syslog as defined by RFC 3164, describe some variations of syslog as implemented by various network hardware vendors, provide an ...
Written by: Brian R. Wilkins and added on April 21, 2011
Centralizing Event Logs on Windows 2000
This case study will detail how I set up a central repository for server logs and daily notifications of events that might indicate a security incident. This was done on a ...
Written by: Gregory Lalla and added on Jan. 23, 2011
A Security Analysis of System Event Logging with Syslog
An analysis of the system event logging protocol, syslog, is discussed. A review of the problems with the syslog protocol is described. These security problems include the transmission of system ...
Written by: Kenneth E. Nawyn and added on Feb. 1, 2011
Case Study: Using Syslog in a Microsoft & Cisco Environment
This case study details the development of a centralized logging infrastructure using Syslog in a Microsoft and Cisco based environment. The primary technology piece that our company employed was the ...
Written by: Dan Rathbun and added on Jan. 14, 2011
Log Analysis as an OLAP Application - A Cube to Rule Them All -
This paper discusses a specific implementation of using OLAP technology on log analysis, in particular by using the Seagate Analysis OLAP client. The Seagate Analysis OLAP client, which is released ...
Written by: Leong Ying Siong Clement and added on May 21, 2011
The Ins and Outs of System Logging Using Syslog
The intent of this paper is to help the reader follow a process of thinking that will provide them with the tools to understand the fundamentals of system logging. Hopefully ...
Written by: Ian Eaton and added on May 17, 2011