RE: [logs] what is normal ?

• Previous message: Dale.Drewat_private: "RE: [logs] what is normal ?"
• In reply to: bretwatsonat_private: "RE: [logs] what is normal ?"
• Next in thread: Dale.Drewat_private: "RE: [logs] what is normal ?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

>>Log analysis, in-of-itself, isn't enough.  You need to be able to look
>>for "abnormal" patterns in log data, couple that with some analysis
>>policies

>Alternatively you could use PROLOG and do it that way..
Hmm, that sounds interesting. Could you elaborate on that? Otherwise, I
can say that you can use C or Perl for that same purpose ;-)

Best,
-- 
  Anton A. Chuvakin, Ph.D., GCIA
     http://www.chuvakin.org
   http://www.info-secure.org




_______________________________________________
LogAnalysis mailing list
LogAnalysisat_private
http://lists.shmoo.com/mailman/listinfo/loganalysis

• Next message: Jon Stearley: "Re: [logs] what is normal ?"
• Previous message: Dale.Drewat_private: "RE: [logs] what is normal ?"
• In reply to: bretwatsonat_private: "RE: [logs] what is normal ?"
• Next in thread: Dale.Drewat_private: "RE: [logs] what is normal ?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Wed Oct 30 2002 - 08:39:36 PST