Re: Security Event format standards?

Many people have tried to build a schema for security event formatting, but 
each security vendor has usually used syslog format for their security 
event data or used some format that made sense to the engineers who coded 
the product and no one else.  Depending on the security product, detailed 
security events may have not been on their customer feature list for that 
particular release of the product. :(

At 06:01 PM 1/3/2005, Bill Stout wrote:

> Are there standard formats for reporting desktop security events?
>
> Is there a standard format, and a standard event number for events (such 
> as; attach to process, alter users run key), similar to CAN or CVE numbers 
> for vulnerabilities?
>
> Thanks,
>
> Bill Stout
>
> This electronic transmission (and any attached documents) is for the sole 
> use of the individual or entity to whom it is addressed. It is 
> confidential and may be privileged. Any further distribution or copying of 
> this message is strictly prohibited. If you received this message in 
> error, please notify GreenBorder immediately by telephone at (650) 
> 625.0601 and destroy the message (and all attached documents), immediately.