[prev in list] [next in list] [prev in thread] [next in thread]
List: loganalysis
Subject: [logs] Event Correlation for Analysis
From: "Rainer Gerhards" <rgerhards () hq ! adiscon ! com>
Date: 2003-03-04 17:16:48
[Download RAW message or body]
Hi all,
I have today begun work on the description of event correlation
algorithms. Right now, we are focussed on Windows, but I can see there
are others to come - PIX is another prominent example.
I am looking for prexisting work in this area - I would prefer not to
re-invent the wheel...
Here is a sample of what I intend to do:
http://www.monitorware.com/Common/en/SecurityReference/Win-EventCorrelat
ion-ProcessTracking.asp
(again, one of my "lovely" long URLs - sorry for that. Make sure it ends
in ".asp")
I would welcome any comments and links to similar resources.
Many thanks,
Rainer
_______________________________________________
LogAnalysis mailing list
LogAnalysis@lists.shmoo.com
http://lists.shmoo.com/mailman/listinfo/loganalysis
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic