Looking at the existing log collection on loganalysis.org I have a suggestion. When submitting a log, specify the OS/firmware version of the device, the type of syslog server (if applicable) and other device or syslog server-specific settings that may affect they log entries (i.e. time stamps for Cisco Pix firewalls). For someone developing log-parsing applications this type of information is very important. As an example, I have recently submitted a Cisco Pix firewall log and this is the additional information that I provided: - Cisco PIX 515 - OS version: 6.1(3) - Logging level: 7, timestamp enabled - Syslog server: Adiscon WinSyslog version 5.0 running on Windows 2003 server Regards, Adrian Grigorof www.firegen.com www.eventid.net ----- Original Message ----- Subject: Re: [logs] Log Samples Requested [...] > we've been trying to establish a log codex on loganalysis.org > for some time. Getting log data is like pulling teeth. :) Please, people > if you have logs you are willing to share, send them to loganalysis.org > as well. _______________________________________________ LogAnalysis mailing list LogAnalysis@private http://lists.shmoo.com/mailman/listinfo/loganalysis
This archive was generated by hypermail 2b30 : Sun Mar 14 2004 - 12:56:26 PST