Log Analysis is one of the great overlooked aspects of operational computer security. Many organizations spend hundreds of thousands of dollars on intrusion detection system (IDS) deployments - but still ignore their firewall logs. Why? Because the tools and knowledge to make use of that data are often not there, or the tools that exist are too inconvenient. You should expect that to change. Right now, IDS vendors are up against the wall with the volumes of data they produce; the next wave in security is to try to usefully correlate and process the contents of multiple logs.
We're dedicated to pulling together a repository of useful information on log analysis for computer security. We hope you find this site to be useful and informative. Please don't hesitate to contact us if you've got suggestions for how we can make it better!
Sincerely,
tbird, Stanford, CA
Marcus Ranum, Morrisdale, PA
All information on this web site is copyrighted by Tina Bird and Marcus Ranum, 2002, 2003, 2004. All rights reserved. Unauthorized duplication is prohibited.