[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[ossec-list] Re: Log correlation best practices and white papers

To: ossec-list@xxxxxxxxxxxxxxxx
Subject: [ossec-list] Re: Log correlation best practices and white papers
From: william maddler <news@xxxxxxxxxxx>
Date: Mon, 02 Apr 2007 22:52:03 +0200
Cc: daniel.cid@xxxxxxxxx
Content-transfer-encoding: 7bit

Hello Daniel,
Thank you for answering, that's a starting point at least.

If I'll (ever) be able to collect enough informations, I'll be happy to
create an entry in the wiki!


Daniel Cid wrote:
> 
> Hi William,
> 
> I would suggest the following documents to you:
> 
> Log analysis for intrusion detection:
> http://www.ossec.net/en/loganalysis.html
> 
> NIST guide to log management:
> http://csrc.nist.gov/publications/nistpubs/800-92/SP800-92.pdf
> 
> 
> There is probably many more interesting docs, but I couldn't find them
> right now. Anyone else has any to share? It would be nice to have an
> entry in the wiki with all of them...
> 
> Thanks,
> 
> -- 
> Daniel B. Cid
> dcid ( at ) ossec.net
> 
> On 3/30/07, william maddler <news@xxxxxxxxxxx> wrote:
>>
>> Hi all,
>> does anyone could point to some existing good document about correlation
>> best practices and/or white papers?
>>
>> Thank you all.
>> William
>>

References:
- [ossec-list] Re: Log correlation best practices and white papers
  - From: Daniel Cid

Prev by Date: [ossec-list] ossec-wui v0.2
Next by Date: [ossec-list] Re: ossec and splunk
Previous by thread: [ossec-list] Re: Log correlation best practices and white papers
Next by thread: [ossec-list] Logs from SUHOSIN - PHP Hardened
Index(es):
- Date
- Thread

OSSEC home | Main Index | Thread Index

OSSEC project: www.ossec.net.
Mailling list information: http://www.ossec.net/en/mailing_lists.html.