RE: [logs] Severity classification and Snort events.

• Previous message: Marcus J. Ranum: "Re: [logs] Severity classification and Snort events."
• Maybe in reply to: Julio Jaime: "[logs] Severity classification and Snort events."
• Next in thread: Marcus J. Ranum: "RE: [logs] Severity classification and Snort events."
• Reply: Marcus J. Ranum: "RE: [logs] Severity classification and Snort events."
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Marcus J. Ranum wrote:
>I guess what I'm saying is that none of this is rocket science but it
depends
>entirely on building some very expensive intellectual property. Which is
why
>the only people who are doing much with it are well-funded organizations or
>vendors.

I am glad to read that.  I recently starting collecting syslog information
from my network devices.  I have learned agreat deal by doing this but I
have been struggling when it comes to analysis.
_______________________________________________
LogAnalysis mailing list
LogAnalysisat_private
http://lists.shmoo.com/mailman/listinfo/loganalysis

• Next message: Blaise St-Laurent: "[logs] sending flatfiles to the event log in windows."
• Previous message: Marcus J. Ranum: "Re: [logs] Severity classification and Snort events."
• Maybe in reply to: Julio Jaime: "[logs] Severity classification and Snort events."
• Next in thread: Marcus J. Ranum: "RE: [logs] Severity classification and Snort events."
• Reply: Marcus J. Ranum: "RE: [logs] Severity classification and Snort events."
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Sun Apr 27 2003 - 13:04:20 PDT