[logs] Syslog and Windows
Matt Jonkman
jonkman at bleedingthreats.net
Thu Jun 21 21:49:34 PDT 2007
https://engineering.purdue.edu/ECN/Resources/Documents/UNIX/evtsys/
EvtSys.
Simple, reliable. Just plain old works. :) I've used it in large
production systems for years now without a glitch.
Matt
Bill Scherr IV wrote:
> All...
>
> What do you suggest for sending Windows logs to syslog?
>
> B.
>
> On 18 Jun 2007, a message purporting to be from Chris Brenton appeared:
>
> Subject: Re: [logs] Facility 101 (was: Syslog and facilities)
> From: Chris Brenton <cbrenton at chrisbrenton.org>
> To: loganalysis <loganalysis at loganalysis.org>
> Date sent: Mon, 18 Jun 2007 09:04:41 -0400
>
>> The other problem is some of the facilities are a bit dated. For example
>> there is a facility for FTP (11) but not HTTP. UUCP even has its own
>> facility (8) but of course no one uses it anymore (I use it for my Windows
>> stuff. Keeps it from getting mixed in with other log entries ;-)
>>
>
> Bill Scherr IV, GSEC, GCIA
> Principal Security Engineer
> EWA Information and Infrastructure Technologies
> bscherr at iit-tek.com
> bscherr at ewa.com
> 703-478-7608
>
> _______________________________________________
> LogAnalysis mailing list
> LogAnalysis at loganalysis.org
> http://www.loganalysis.org/mailman/listinfo/loganalysis
--
--------------------------------------------
Matthew Jonkman
Bleeding Edge Threats
765-429-0398
http://www.bleedingthreats.net
--------------------------------------------
PGP: http://www.bleedingthreats.com/mattjonkman.asc