Security Basics mailing list archives
Re: Monitor IIS logs
From: Kelly Martin <kel () securityfocus com>
Date: Tue, 9 Sep 2003 09:36:17 -0600 (MDT)
On Mon, 8 Sep 2003, Phillip McCollum wrote:
You might be interested in Microsoft's LogParser utility: http://www.microsoft.com/downloads/details.aspx?FamilyID=8cde4028-e247-45be-bab9-ac851fc166a4&DisplayLang=en At 04:29 PM 9/8/2003, Robert McIntyre wrote:I am looking for some advice on monitoring IIS logs. Basically I could use some help on the following: 1. Important things to look for 2. Free utilities to help me search through the logs 3. Good references about web logs and how to spot an attack.
Also check out the recent "MRTG for IIS" article by Mark Burnett in the Microsoft section of SecurityFocus. It uses LogParser to parse IIS logs and give you a visual way to see network traffic and spot attacks. LogParser is very powerful and a good recommendation for what you're trying to do, but the command line options can get rather... complex. :) http://www.securityfocus.com/infocus/1721 Regards, -- Kelly Martin <kel () securityfocus com> --------------------------------------------------------------------------- Captus Networks Are you prepared for the next Sobig & Blaster? - Instantly Stop DoS/DDoS Attacks, Worms & Port Scans - Precisely Define and Implement Network Security - Automatically Control P2P, IM and Spam Traffic FIND OUT NOW - FREE Vulnerability Assessment Toolkit http://www.captusnetworks.com/ads/42.htm ----------------------------------------------------------------------------
Current thread:
- Monitor IIS logs Robert McIntyre (Sep 08)
- Re: Monitor IIS logs K. K. Mookhey (NII) (Sep 09)
- Re: Monitor IIS logs Phillip McCollum (Sep 09)
- Re: Monitor IIS logs Kelly Martin (Sep 09)