[logs] Analyzing tons of logs
Chetan Gupta
chetangupta01 at gmail.com
Thu Mar 29 20:27:33 PDT 2007
Dear list members,
Thanks a lot for your wonderful insights on this topic. I've noted down all
the points mentioned and am gonna try out the various solutions
suggested. Precisely, I am gonna try and lay my hands on the following tools
in the coming weeks:
1. OSSIM
2. Manageengine adventnet
3. Splunk
4. Logpp
I would post regarding my experience with these tools.
How about sguil? That's an NSM tool I guess. Has anyone tried it?
Can anyone suggest some good repositories for sample logs containing some
attacks? I know I could get some from the honeynet.org site or loganalysis.org.
Any others apart from these two?
Thanks again,
--
Chetan Gupta ENCE, GCIA, GCFA, CEH, CCNA, CIW Sec. Analyst
Forensic Consultant
Mobile: +91 9810718489
------------------------------------------------------
Online Computer Forensics Magazine
http://www.niiconsulting.com/checkmate
------------------------------------------------------