[logs] Re: Which reports are most important?

From: James Turnbull (james@private)
Date: Wed May 17 2006 - 20:23:35 PDT


Quoting Chris Brenton <cbrenton@private>:

> What do you feel are the top 5 reports a centralized log management
> system should provide?

This is not so much my Top 5 but some additions to your list below.

Users/groups created/deleted/changed
Anti-virus / spam detection (alerts for AV and stats for spam)
FW/VPN/gateway ruleset & configuration changes
Tripwire-style reports for critical files/hosts
Failed jobs/cron/batches

Regards

James Turnbull

-- 
James Turnbull <james@private>
---
Author of Pro Nagios 2.0
(http://www.amazon.com/gp/product/1590596099/)

Hardening Linux
(http://www.amazon.com/gp/product/1590594444/)
---
PGP Key (http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x0C42DF40)
_______________________________________________
LogAnalysis mailing list
LogAnalysis@private
http://lists.shmoo.com/mailman/listinfo/loganalysis


