[logs] CEE - a new logging standard
Anton Chuvakin
anton at chuvakin.org
Fri Apr 20 13:01:25 PDT 2007
All,
I figured I'd respond to all the fun comments received on the list in one email.
> Btw, is it going to be an open standard? Who was
> involved in the process to define/design it? I
> couldn't
> find any reference to it outside your blog. More
> info, please! :)
Sure, but here is something interesting and important: it is not who
WAS involved, it is who WILL be involved. I guess I was not very
clear: it is not the standard that will be announced in a few weeks,
it is the standard *effort.* We now need to actually create a
standard! And if you want to be involved, sure, you can be - an open
working group is being set up.
And, the reason that there are no other references online is that I
just unveiled an early look.
> Is this actually being driven by a broad-spectrum of industry vendors
> and major FOSS authors, or is this a "standard" being written by a
> single company, small group of companies, and/or a group of academics?
Well, MITRE will manage it, so I guess at this stage the response will
be something along the lines "if you like CVE, you will like this too"
:-) Large software vendors will be involved, but, admittedly, maybe
not on day one (as always).
And - "academics", come on! Just look at IDMEF and weep (laugh,
rather! :-0) 10 years of work with no impact on the world at
all...sad.
And finally:
>IETF Standards are more likely to get adopted [...]
Not funny! :-)
Best,
--
Anton Chuvakin, Ph.D., GCIA, GCIH, GCFA
http://www.chuvakin.org
http://chuvakin.blogspot.com
http://www.info-secure.org
--
Anton Chuvakin, Ph.D., GCIA, GCIH, GCFA
http://www.chuvakin.org
http://chuvakin.blogspot.com
http://www.info-secure.org
More information about the LogAnalysis
mailing list