[logs] checking logs for time holes

• Previous message: Harlan Carvey: "Re: [logs] Monitoring Windows Security Events"
• In reply to: Sheng Ma: "[logs] Generic log adapter from IBM: tool for handling raw messages"
• Next in thread: Oddbjorn Steffensen: "Re: [logs] checking logs for time holes"
• Reply: Oddbjorn Steffensen: "Re: [logs] checking logs for time holes"
• Reply: Clausing, James A (Jim), WCCO: "RE: [logs] checking logs for time holes"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

All,

Loooong time ago I saw a program which was used to check log files for
"time holes". So, for example, if you usually have a message from host
"box1" every 3-5 minutes and this time there is a 30 minute hole with
nothing from "box1", I want to know about it.

I googled around trying to find smething of that sort, but with no
results. Who can remind me about such program? I will be deeply grateful!

Best,
-- 
  Anton A. Chuvakin, Ph.D., GCI*
     http://www.chuvakin.org
   http://www.info-secure.org

_______________________________________________
LogAnalysis mailing list
LogAnalysis@private
http://lists.shmoo.com/mailman/listinfo/loganalysis

• Next message: Rainer Gerhards: "Re: [logs] Monitoring Windows Security Events"
• Previous message: Harlan Carvey: "Re: [logs] Monitoring Windows Security Events"
• In reply to: Sheng Ma: "[logs] Generic log adapter from IBM: tool for handling raw messages"
• Next in thread: Oddbjorn Steffensen: "Re: [logs] checking logs for time holes"
• Reply: Oddbjorn Steffensen: "Re: [logs] checking logs for time holes"
• Reply: Clausing, James A (Jim), WCCO: "RE: [logs] checking logs for time holes"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Mon Oct 06 2003 - 15:15:46 PDT