Re: [logs] Log Analysis for Law Enforcement

From: Russell Fulton (r.fultonat_private)
Date: Sun Feb 09 2003 - 12:51:38 PST

  • Next message: Fred Mobach: "Re: [logs] How are people bringing DMZ syslog msgs into the central server?"

    > On Thu, Jan 16, 2003 at 04:05:03PM -0500, Buck Buchanan wrote:
    > [ ... ]
    > > recovered fragments of deleted logs.  Another part suggests the need for a
    > > tool to merge multiple logs from multiple machines into a timeline.
    
    I *think* "The Coroner's Toolkit" has tools to do this...
    
    -- 
    Russell Fulton, Computer and Network Security Officer
    The University of Auckland,  New Zealand
    
    "It aint necessarily so"  - Gershwin
    
    _______________________________________________
    LogAnalysis mailing list
    LogAnalysisat_private
    http://lists.shmoo.com/mailman/listinfo/loganalysis
    



    This archive was generated by hypermail 2b30 : Sun Feb 09 2003 - 19:25:26 PST