Category: Log Management

OSSEC CON 2013 Materials Available

My and my esteemed colleagues’ presentations from OSSEC CON 2013 are now available. The conference summary can be found here and my presentation can be found here. It was great meeting everyone and we had some great discussions surrounding how to

Posted in Intrusion Detection, Log Analysis, Log Management

Symposium Presentations Available / The Future of OSSEC

Trend did a great job of outlining our plan for OSSEC in this post. They begin by describing the Symposium, just as I did in my previous post, then go on to lay out a detailed plan for the future.

Posted in Log Analysis, Log Management

OSSEC Symposium Recap

If you missed the first OSSEC Symposium, you missed a great opportunity to meet fellow OSSEC users and developers, partake in great food and drink and immerse yourself in a day-and-a-half of pure OSSEC geekiness! I arrived a bit early

Posted in Log Analysis, Log Management

OSSEC Community Symposium, July 12-13 2012

Please join me at the first OSSEC Symposium, sponsored by Trend Micro. This is a forum for the OSSEC community to come together and discuss all things OSSEC. We’ll not only talk about what makes OSSEC so effective, but what

Posted in Intrusion Detection, Log Analysis, Log Management

First Impressions with ELSA: Bye-bye Grep

When I first read about ELSA, I knew it was going to be a game changer. From the very beginning, this log collection and analysis application had addressed many of the problems plaguing adoption of open source log front-ends in the

Posted in Log Analysis, Log Management

The Immutable Friday Fav Five for October 7, 2011

Special edition: Here are five log-a-licious links that I found interesting for this week: How can you know what amount of storage you will need when your centralized log server is fully operational? There are no hard-and-fast answers, but it

Posted in Log Analysis, Log Management

OSSEC 2.6 Released

The OSSEC team is pleased to announce the general availability of v2.6. This version includes support for IPv6, a new tool for key management of ‘nix agents, an option to increase the block timeout for repeat offenders, and many other

Posted in Intrusion Detection, Log Analysis, Log Management

How to Configure Auditing for Dozens of Enterprise Systems

Open source log analysis types sometimes need to be crafty. We often don’t have relationships with the companies whose products we support, but that doesn’t stop the users from wanting to use software like OSSEC to analyze logs from big,

Posted in Log Analysis, Log Management

Every Windows Security Event Log Documented

One of the things we log analysis types love is good documentation. It’s rare to find well-formatted, well-documented logs, so when we do find good log info, it’s like being a kid in a candy store. So without further ado,

Posted in Log Analysis, Log Management

Logging in the Cloud: A Primer for Success

It was inevitable. Cloud services are popping up everywhere and it was only a matter of time before log-based services started to appear. But does that mean the cloud is the right place for your logs? What are the key

Posted in Log Analysis, Log Management, Risk Management, Secure Design, Standards