I haven't personally used it, although some quick poking around on
Google turned up quite a few thoughts:
http://www.google.com/search?q=LogSurfer+review You're likely to find
some helpful information in there.
Looks like LogSurfer made it into a book from CERT
(http://www.apacheweek.com//features/book-certg.html). Some more
Googling could turn up the actual text of it. From the bits and pieces
I read, many people seem to like it alot.
Something else I love Google for, turning up people's bookmark backups:
- http://www.cnetwork.com/~rhaskins/bookmarks.html
- http://www.sevenseas.org/~adellam/bookmarks.html
- http://www.ecst.csuchico.edu/~py/bookmarks.html
Yeah, LogSurfer is in all of them. =)
--
Peace. ~G
On Fri, 24 Sep 2004 15:07:41 -0400, Thomas Harris <tharris@andera.com> wrote:
Has anyone used logsurfer for this purpose?
http://www.crypt.gen.nz/logsurfer/
Anich, Ryan L wrote:
I am not sure how in depth you are planning to go with your strategy, but
this is what I am looking at for a solution for my company.
http://www.arcsight.com/
-----Original Message-----
From: Tran, Nhon [mailto:Nhon.Tran@logicacmg.com]
Sent: Monday, September 20, 2004 2:36 AM
To: security-basics@securityfocus.com
Subject: syslog
Hi all
One of the companies I support wants to implement a syslog strategy for all
their infrasturcture devices.. Unix boxes, windows server, cisco comms
devices. To hopefully capture all the logs, we're talking about lots of
logs, their domain servers log about 300K items a day!.. Unix boxes log
heaps too about 70K per day per server!.. They have around 80 unix server,
120 windows servers and about 150 comms devices.. Any idea what the best way
to go about this would be, also any suggestions of what log analysis
software to use?
Nhon
