[logs] Introducing The Open Event Log Project
Andrew Hay
andrewsmhay at gmail.com
Thu May 17 10:37:29 PDT 2007
The Open Event Log (OEL) Project (www.openeventlog.com) was conceived
by Andrew Hay (www.andrewhay.ca) in May 2006 as a repository for
system/server/application event logs to aid in incident response and
forensic analysis. Many tools are now available to assist the analyst
in interpreting event logs, but a better understanding of the logs, as
well as samples, was lacking. Most vendors post their event log
specifications, but it helps to have a central location that displays
samples of these logs.

The ultimate goal of this site is to educate users on proper event log
collection and analysis techniques, which goes hand in hand with our
motto: "No log left behind!"

Please note that there is no corporate backing of this site, in order
to remain as independent as possible.

Each device/application will display the following information to help
the community:

* Log Sample
* Log Description
* How To Enable Logging
* Regular Expression Matching
* References

An example of this format can be seen with the Juniper NetScreen entry
here: http://www.openeventlog.com/index.php/Juniper_NetScreen or the
FortiOS 3.0 entry here:
http://www.openeventlog.com/index.php/FortiOS_3.0

I'd appreciate any feedback you might have and invite you to
contribute as much as possible.
--
Andrew Hay
blog: https://www.andrewhay.ca
email: andrewsmhay || at || gmail.com