Security Basics mailing list archives

Re: Re: log monitoring/analysis/correlation systems

From: jlehman () mail esignal com
Date: 21 Nov 2006 22:41:06 -0000

you might also look at ossec. it is open source and does event correlation, although I haven't tested it myself, i do 
plan to give it a shot. This was highlited ina a sans webcast by Mike Poor

http://www.ossec.net/

---------------------------------------------------------------------------
This list is sponsored by: Norwich University

EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
The NSA has designated Norwich University a center of Academic Excellence 
in Information Security. Our program offers unparalleled Infosec management 
education and the case study affords you unmatched consulting experience. 
Using interactive e-Learning technology, you can earn this esteemed degree, 
without disrupting your career or home life.

http://www.msia.norwich.edu/secfocus
---------------------------------------------------------------------------

Current thread:

RE: log monitoring/analysis/correlation systems, (continued)
- RE: log monitoring/analysis/correlation systems Matt Davis (Nov 21)
- Audit Windows Machine, IRM (Nov 21)
  - Re: Audit Windows Machine, Ansgar -59cobalt- Wiechers (Nov 22)
- Re: log monitoring/analysis/correlation systems Jon Hart (Nov 22)
- Re: log monitoring/analysis/correlation systems Kurt Buff (Nov 22)
- Re: log monitoring/analysis/correlation systems q (Nov 21)
- Re: log monitoring/analysis/correlation systems a . lagana (Nov 21)
- Re: log monitoring/analysis/correlation systems vachanta (Nov 22)
- Re: log monitoring/analysis/correlation systems vameg (Nov 22)
  - Re: log monitoring/analysis/correlation systems Joseph Jenkins (Nov 23)
- Re: Re: log monitoring/analysis/correlation systems jlehman (Nov 22)