Re: [logs] Log Analysis for Law Enforcement

• Previous message: Devin Kowatch: "Re: [logs] Log Analysis for Law Enforcement"
• In reply to: Devin Kowatch: "Re: [logs] Log Analysis for Law Enforcement"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

> On Thu, Jan 16, 2003 at 04:05:03PM -0500, Buck Buchanan wrote:
> [ ... ]
> > recovered fragments of deleted logs.  Another part suggests the need for a
> > tool to merge multiple logs from multiple machines into a timeline.

I *think* "The Coroner's Toolkit" has tools to do this...

-- 
Russell Fulton, Computer and Network Security Officer
The University of Auckland,  New Zealand

"It aint necessarily so"  - Gershwin

_______________________________________________
LogAnalysis mailing list
LogAnalysisat_private
http://lists.shmoo.com/mailman/listinfo/loganalysis

• Next message: Fred Mobach: "Re: [logs] How are people bringing DMZ syslog msgs into the central server?"
• Previous message: Devin Kowatch: "Re: [logs] Log Analysis for Law Enforcement"
• In reply to: Devin Kowatch: "Re: [logs] Log Analysis for Law Enforcement"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Sun Feb 09 2003 - 19:25:26 PST