[logs] Analyzing tons of logs
Grimes, Jason T
jg48 at txstate.edu
Wed Mar 28 12:04:29 PDT 2007
http://manageengine.adventnet.com/products/eventlog/index.html
Test out this app for 30 days, import your logs, answer your own questions, and create more that we can respond to.
This should be a good starting point if nothing has been in place.
_____
From: loganalysis-bounces at loganalysis.org [mailto:loganalysis-bounces at loganalysis.org] On Behalf Of Chetan Gupta
Sent: Wednesday, March 28, 2007 7:10 AM
To: loganalysis at loganalysis.org
Subject: [logs] Analyzing tons of logs
Dear List Members,
I am looking for opinions from the experts on a particular problem.
How do we go about log analysis if we have tons (maybe in trillions) of logs from, let's say, tcpdump (raw logs) or some firewall (like NetScreen or PIX)?
What would be the best way to normalize and analyze these logs in the shortest possible time?
Import them into a database? Use a commercial application like ArcSight? LogLogic? A simple text editor like EditPlus?
Any suggestions/comments would be appreciated.
Regards,
Thanks and Regards,
ERNST & YOUNG ®
Ernst & Young Pvt. Ltd
Chetan Gupta
Consultant
Risk and Business Solutions
FIDS
_______________________________________________________
Mobile: +91 - 9810718489
Fax: +91 - 11 - 2661 1012
URL: http://www.ey.com/in
_______________________________________________________