عنوان

Security log management :

(Number (ISBN

0080489702

(Number (ISBN

1423754174

(Number (ISBN

1597490423

(Number (ISBN

9780080489704

(Number (ISBN

9781423754176

(Number (ISBN

9781597490429

Number

b727734

Title Proper

Security log management :

General Material Designation

[Book]

Other Title Information

identifying patterns in the chaos /

First Statement of Responsibility

Jacob Babbin [and others].

Place of Publication, Distribution, etc.

Rockland, MA :

Name of Publisher, Distributor, etc.

Syngress,

Date of Publication, Distribution, etc.

©2006.

Specific Material Designation and Extent of Item

1 online resource (xviii, 333 pages) :

Other Physical Details

illustrations

Text of Note

Includes index.

Text of Note

Includes index.

Text of Note

Log analysis : overall issues -- IDS reporting -- Firewall reporting -- Systems and network device reporting -- Creating a reporting infrastructure -- Scalable enterprise Solutions (ESM deployments) -- Managing log files with Microsoft Log Parser -- Investigating intrusions with Microsoft Log Parser -- Managing Snort alerts with Microsoft Log Parser.

0

Text of Note

This book teaches IT professionals how to analyze, manage, and automate their security log files to generate useful, repeatable information that can be use to make their networks more efficient and secure using primarily open source tools. The book begins by discussing the Top 10 security logs that every IT professional should be regularly analyzing. These 10 logs cover everything from the top workstations sending/receiving data through a firewall to the top targets of IDS alerts. The book then goes on to discuss the relevancy of all of this information. Next, the book describes how to script open source reporting tools like Tcpdstats to automatically correlate log files from the various network devices to the Top 10 list. By doing so, the IT professional is instantly made aware of any critical vulnerabilities or serious degradation of network performance. All of the scripts presented within the book will be available for download from the Syngress Solutions Web site. Almost every operating system, firewall, router, switch, intrusion detection system, mail server, Web server, and database produces some type of log file. This is true of both open source tools and commercial software and hardware from every IT manufacturer. Each of these logs is reviewed and analyzed by a system administrator or security professional responsible for that particular piece of hardware or software. As a result, almost everyone involved in the IT industry works with log files in some capacity. * Provides turn-key, inexpensive, open source solutions for system administrators to analyze and evaluate the overall performance and security of their network * Dozens of working scripts and tools presented throughout the book are available for download from Syngress Solutions Web site. * Will save system administrators countless hours by scripting and automating the most common to the most complex log analysis tasks.

Source for Acquisition/Subscription Address

Elsevier Science & Technology

Stock Number

116458:116556

Title

Security log management.

International Standard Book Number

1597490423

Computer networks-- Security measures.

Computer networks-- Security measures.

COMPUTERS-- Internet-- Security.

COMPUTERS-- Networking-- Security.

COMPUTERS-- Security-- General.

COM-- 043050

COM-- 053000

COM-- 060040

UACD

Number

Edition

Class number

Book number

Babbin, Jacob.

Date of Transaction

20201214011446.0

Cataloguing Rules (Descriptive Conventions))

pn

Electronic name

[Book]

Y