[logs] Logging system framework document

From: Robyn Bailey (robyn_baileyat_private)
Date: Sun Jan 05 2003 - 15:50:37 PST

  • Next message: Kyle R. Hofmann: "[logs] liblog 0.1 available" 

    Does anyone have a framework document for a logging and monitoring that
I can have a look at? 

Basically, I am in the throes of putting together a Logging and
Monitoring system (incl. Incident Response) for our company to ISO7799
compliance and have a heap of ideas twirling around in my head but would
be good to see an example of something already done.

By a "framework document" I mean something describing how it all hangs
together. e.g. 

Windows 2000 using ?? syslog client  ------->  Linux syslog server

Linux using syslog client --------------------------> Linux syslog
server

Cisco                         ------------------------------> Linux
syslog server

 

Then what the syslog server does with it (i.e. filtering) and where/who
which alerts go to etc.,.

Hope this makes sense

 

Robyn Bailey

 

 

This email and any attachments are subject to copyright.  They may also
contain confidential information.  This email and any attachments may not be
distributed, reproduced, copied, stored or transmitted in any form or by any
means, without the prior written consent of Bridge Point Communications Pty
Ltd ABN 29 083 424 668.
Any personal information in this email must be handled in accordance with
the Privacy Act 1988 (Cth).
Emails may be interfered with, may contain computer viruses or other defects
and may not be successfully replicated on other systems. Bridge Point
Communications Pty Ltd gives no warranties in relation to these matters. If
you have any doubts about the authenticity of an email purportedly sent by
us, please contact Bridge Point Communications Pty Ltd immediately.

    Does anyone have a framework document for a logging and monitoring that I can have a look at?

    Basically, I am in the throes of putting together a Logging and Monitoring system (incl. Incident Response) for our company to ISO7799 compliance and have a heap of ideas twirling around in my head but would be good to see an example of something already done.

    By a “framework document” I mean something describing how it all hangs together. e.g.

    Windows 2000 using ?? syslog client  -----à  Linux syslog server

    Linux using syslog client ------------------------à Linux syslog server

    Cisco                         ----------------------------à Linux syslog server

     

    Then what the syslog server does with it (i.e. filtering) and where/who which alerts go to etc.,…

    Hope this makes sense

     

    Robyn Bailey

     

     

    This email and any attachments are subject to copyright. They may also
    contain confidential information. This email and any attachments may not be
    distributed, reproduced, copied, stored or transmitted in any form or by any
    means, without the prior written consent of Bridge Point Communications Pty
    Ltd ABN 29 083 424 668.
    Any personal information in this email must be handled in accordance with
    the Privacy Act 1988 (Cth).
    Emails may be interfered with, may contain computer viruses or other defects
    and may not be successfully replicated on other systems. Bridge Point
    Communications Pty Ltd gives no warranties in relation to these matters. If
    you have any doubts about the authenticity of an email purportedly sent by
    us, please contact Bridge Point Communications Pty Ltd immediately. _______________________________________________ LogAnalysis mailing list LogAnalysisat_private http://lists.shmoo.com/mailman/listinfo/loganalysis

    This archive was generated by hypermail 2b30 : Mon Jan 06 2003 - 20:49:51 PST