[logs] Logging system framework document

From: Robyn Bailey (robyn_baileyat_private)
Date: Sun Jan 05 2003 - 15:50:37 PST


    Does anyone have a framework document for logging and monitoring that
    I can have a look at?
    
    Basically, I am in the throes of putting together a Logging and
    Monitoring system (incl. Incident Response) for our company to ISO7799
    compliance and have a heap of ideas twirling around in my head but would
    be good to see an example of something already done.
    
    By a "framework document" I mean something describing how it all hangs
    together. e.g. 
    
    Windows 2000 using ?? syslog client  ------->  Linux syslog server

    Linux using syslog client --------------------------> Linux syslog server

    Cisco                         ------------------------------> Linux syslog server
    
     
    
    Then what the syslog server does with it (i.e. filtering) and where/who
    which alerts go to etc.
    
    Hope this makes sense
    
     
    
    Robyn Bailey
    
     
    
     
    
    This email and any attachments are subject to copyright.  They may also
    contain confidential information.  This email and any attachments may not be
    distributed, reproduced, copied, stored or transmitted in any form or by any
    means, without the prior written consent of Bridge Point Communications Pty
    Ltd ABN 29 083 424 668.
    Any personal information in this email must be handled in accordance with
    the Privacy Act 1988 (Cth).
    Emails may be interfered with, may contain computer viruses or other defects
    and may not be successfully replicated on other systems. Bridge Point
    Communications Pty Ltd gives no warranties in relation to these matters. If
    you have any doubts about the authenticity of an email purportedly sent by
    us, please contact Bridge Point Communications Pty Ltd immediately.
    
    

    _______________________________________________
    LogAnalysis mailing list
    LogAnalysisat_private
    http://lists.shmoo.com/mailman/listinfo/loganalysis



    This archive was generated by hypermail 2b30 : Mon Jan 06 2003 - 20:49:51 PST