[logs] CEE publishing a Common Field List
Raffael Marty
rmarty at splunk.com
Thu Mar 6 11:31:46 PST 2008
Under the umbrella of the common event expression (http://
cee.mitre.org) effort, we just posted a proposal for a "common field
list":
http://www.nabble.com/CEE-Field-List-to15881800.html
At this point, we are really interested in getting feedback from the
community! Have a look at the post on the CEE list and the list
itself. Let us know, on the CEE discussion list (CEE-DISCUSSION-LIST at LISTS.MITRE.ORG
), what you like and what you don't like about the approach!
A little more context on the field list can be found here: http://blogs.splunk.com/raffy/
Thanks
-raffy
--
Raffael Marty
Chief Security Strategist @ Splunk>
Security Visualization: http://secviz.org raffy.ch/blog
More information about the LogAnalysis
mailing list