Security Log Management

Security Log Management

This book teaches IT professionals how to analyze, manage, and automate their security log files to generate useful, repeatable information that can be use to make their networks more efficient and secure using primarily open source tools. The book begins by discussing the “Top 10 security logs that every IT professional should be regularly analyzing. These 10 logs cover everything from the top workstations sending/receiving data through a firewall to the top targets of IDS alerts. The book then goes on to discuss the relevancy of all of this information. Next, the book describes how to script open source reporting tools like Tcpdstats to automatically correlate log files from the various network devices to the “Top 10 list. By doing so, the IT professional is instantly made aware of any critical vulnerabilities or serious degradation of network performance. All of the scripts presented within the book will be available for download from the Syngress Solutions Web site. Almost every operating system, firewall, router, switch, intrusion detection system, mail server, Web server, and database produces some type of “log file. This is true of both open source tools and commercial software and hardware from every IT manufacturer. Each of these logs is reviewed and analyzed by a system administrator or security professional responsible for that particular piece of hardware or software. As a result, almost everyone involved in the IT industry works with log files in some capacity. * Provides turn-key, inexpensive, open source solutions for system administrators to analyze and evaluate the overall performance and security of their network * Dozens of working scripts and tools presented throughout the book are available for download from Syngress Solutions Web site. * Will save system administrators countless hours by scripting and automating the most common to the most complex log analysis tasks


Author
Publisher Elsevier
Release Date
ISBN 9780080489704
Pages 350 pages
Rating 4/5 (02 users)

More Books:

Security Log Management
Language: en
Pages: 350
Authors: Jacob Babbin
Categories: Computers
Type: BOOK - Published: 2006-01-27 - Publisher: Elsevier

This book teaches IT professionals how to analyze, manage, and automate their security log files to generate useful, repeatable information that can be use to m
Logging and Log Management
Language: en
Pages: 460
Authors: Anton Chuvakin
Categories: Computers
Type: BOOK - Published: 2012-12-31 - Publisher: Newnes

Logging and Log Management: The Authoritative Guide to Understanding the Concepts Surrounding Logging and Log Management introduces information technology profe
Computer and Information Security Handbook
Language: en
Pages: 1280
Authors: John R. Vacca
Categories: Computers
Type: BOOK - Published: 2017-05-10 - Publisher: Morgan Kaufmann

Computer and Information Security Handbook, Third Edition, provides the most current and complete reference on computer security available in one volume. The bo
Audit and Trace Log Management
Language: en
Pages: 192
Authors: Phillip Q. Maier
Categories: Business & Economics
Type: BOOK - Published: 2006-04-05 - Publisher: CRC Press

As regulation and legislation evolve, the critical need for cost-effective and efficient IT audit and monitoring solutions will continue to grow. Audit and Trac
Securing Microsoft Terminal Services
Language: en
Pages: 280
Authors: Roddy Rodstein
Categories: Computers
Type: BOOK - Published: 2007-06 - Publisher: Lulu.com

"Securing Microsoft Terminal Services" shows how to use Enterprise Architecture methodologies, industry standards and best practices, such as ISO17799, CobIT, t
Empowering Security and Compliance Management for the z/OS RACF Environment using IBM Tivoli Security Management for z/OS
Language: en
Pages: 52
Authors: Axel Buecker
Categories: Computers
Type: BOOK - Published: 2010-08-12 - Publisher: IBM Redbooks

Every organization has a core set of mission-critical data that requires protection. Security lapses and failures are not simply disruptions, they can be catast
Information Security in Healthcare: Managing Risk
Language: en
Pages: 324
Authors: Terrell W. Herzig, MSHI, CISSP, Editor
Categories: Computer security
Type: BOOK - Published: 2010 - Publisher: HIMSS

IT Security Compliance Management Design Guide with IBM Tivoli Security Information and Event Manager
Language: en
Pages: 464
Authors: Axel Buecker
Categories: Computers
Type: BOOK - Published: 2010-07-16 - Publisher: IBM Redbooks

To comply with government and industry regulations, such as Sarbanes-Oxley, Gramm Leach Bliley (GLBA), and COBIT (which can be considered a best-practices frame
Security Program and Policies
Language: en
Pages: 648
Authors: Sari Greene
Categories: Computers
Type: BOOK - Published: 2014-03-20 - Publisher: Pearson IT Certification

Everything you need to know about information security programs and policies, in one book Clearly explains all facets of InfoSec program and policy planning, de
Official (ISC)2 Guide to the CISSP CBK
Language: en
Pages: 1304
Authors: Adam Gordon
Categories: Computers
Type: BOOK - Published: 2015-04-08 - Publisher: CRC Press

As a result of a rigorous, methodical process that (ISC) follows to routinely update its credential exams, it has announced that enhancements will be made to bo