Thursday, May 15th, 2008
This is really cool news! The First USENIX Workshop on the Analysis of System Logs (WASL '08) is happening on December 7th, 2008 in San Diego, CA. About the event:
System logs contain a wide variety of information about system status and health, including events from various applications, daemons, and drivers, ...
Posted in The Art of Log Analysis |
Tuesday, May 13th, 2008
Stephen Northcutt, of SANS Institute fame, recently recognized me as a Thought Leader in the area of log management. I'm quite humbled to be included with the likes of our own Log Analysis Professional contributors Dr. Anton Chuvakin and Ron Gula (among others).
The interview has been posted on the SANS ...
Posted in Log Analysis Professionals |
Wednesday, May 7th, 2008
So, I was talking to this small log management vendor the other day and he confided to me that his product faces fierce competition in his target market (which is, important to note, small to medium companies with 10-100 systems): and this competition is apathy.
More specifically, his ...
Posted in Log Analysis Professionals |
Tuesday, April 8th, 2008
You're probably looking at the title of this blog post and thinking...what? What's he talking about? Well, as an incident analyst (which includes performing forensic examinations), I many times have to attempt to determine user login times, user activity on the system (applications run, files opened or modified), ...
Posted in The Art of Log Analysis |
Friday, March 7th, 2008
Under the umbrella of the common event expression (CEE) effort, we just posted a proposal for a common field list for log files.
At this point, we are really interested in getting feedback from the community! Have a look at the post on the CEE list and the list itself. Let ...
Posted in The Art of Log Analysis |
Friday, March 7th, 2008
I'd like to welcome Peter Giannoulis to the Log Analysis Professionals stable of professional bloggers.
Peter is an information security consultant in Toronto, Ontario. Over the last 9 years Peter has been involved in the design and implementation of client defenses using many different security technologies. He is also skilled in ...
Posted in Log Analysis Professionals |
Wednesday, March 5th, 2008
The Academy (http://www.theacademy.ca) officially launches its web site today providing instructional videos for the information security community. For the first time ever, the average user to the most seasoned industry expert will be able to watch instructional videos on how to install popular products, address common configuration issues, and troubleshoot ...
Posted in The Art of Log Analysis |
Sunday, February 17th, 2008
Somebody asked me a few days ago: EXACTLY what logging we absolutely MUST do for PCI DSS compliance? This is actually not as simple!
The honest answer to the above question is that there is no list of what EXACTLY you MUST be logging due to PCI or, pretty much, any ...
Posted in The Art of Log Analysis |
Sunday, February 3rd, 2008
Many who know me, know that I am a huge fan of free security resources. Papers from the SANS Information Security Reading Room are just such a resource. Two new papers were recently posted to the reading room that are certainly worth checking out. I'm sure the authors would greatly ...
Posted in The Art of Log Analysis |
Tuesday, January 29th, 2008
I'd like to welcome Harlan Carvey to the Log Analysis Professionals stable of professional bloggers.
Harlan is a nerd who does incident response and computer forensics work, and is based out of the Metro DC area. In an effort to demonstrate just how much of a nerd he is, Harlan has ...
Posted in Log Analysis Professionals |