Security log management :: identifying patterns in the chaos /
This book teaches IT professionals how to analyze, manage, and automate their security log files to generate useful, repeatable information that can be use to make their networks more efficient and secure using primarily open source tools. The book begins by discussing the Top 10 security logs that...
Gespeichert in:
1. Verfasser: | |
---|---|
Format: | Elektronisch E-Book |
Sprache: | English |
Veröffentlicht: |
Rockland, MA :
Syngress,
©2006.
|
Schlagworte: | |
Online-Zugang: | Volltext Volltext |
Zusammenfassung: | This book teaches IT professionals how to analyze, manage, and automate their security log files to generate useful, repeatable information that can be use to make their networks more efficient and secure using primarily open source tools. The book begins by discussing the Top 10 security logs that every IT professional should be regularly analyzing. These 10 logs cover everything from the top workstations sending/receiving data through a firewall to the top targets of IDS alerts. The book then goes on to discuss the relevancy of all of this information. Next, the book describes how to script open source reporting tools like Tcpdstats to automatically correlate log files from the various network devices to the Top 10 list. By doing so, the IT professional is instantly made aware of any critical vulnerabilities or serious degradation of network performance. All of the scripts presented within the book will be available for download from the Syngress Solutions Web site. Almost every operating system, firewall, router, switch, intrusion detection system, mail server, Web server, and database produces some type of log file. This is true of both open source tools and commercial software and hardware from every IT manufacturer. Each of these logs is reviewed and analyzed by a system administrator or security professional responsible for that particular piece of hardware or software. As a result, almost everyone involved in the IT industry works with log files in some capacity. * Provides turn-key, inexpensive, open source solutions for system administrators to analyze and evaluate the overall performance and security of their network * Dozens of working scripts and tools presented throughout the book are available for download from Syngress Solutions Web site. * Will save system administrators countless hours by scripting and automating the most common to the most complex log analysis tasks. |
Beschreibung: | Includes index. |
Beschreibung: | 1 online resource (xviii, 333 pages) : illustrations |
Bibliographie: | Includes index. |
ISBN: | 1423754174 9781423754176 0080489702 9780080489704 9781597490429 1597490423 |
Internformat
MARC
LEADER | 00000cam a2200000 a 4500 | ||
---|---|---|---|
001 | ZDB-4-EBA-ocm64274794 | ||
003 | OCoLC | ||
005 | 20241004212047.0 | ||
006 | m o d | ||
007 | cr cnu---unuuu | ||
008 | 060224s2006 maua o 001 0 eng d | ||
010 | |z 2006355064 | ||
040 | |a N$T |b eng |e pn |c N$T |d OCLCQ |d TUU |d OCLCQ |d OCLCO |d OCLCQ |d OCLCF |d NLGGC |d OCLCQ |d N15 |d E7B |d YDXCP |d NTG |d DKDLA |d ZCU |d U5D |d B24X7 |d OPELS |d OKU |d FVL |d DEBSZ |d MERUC |d IDEBK |d AU@ |d OCLCQ |d COO |d AZK |d JBG |d LOA |d AGLDB |d COCUF |d CNNOR |d MOR |d PIFBR |d LIV |d OCLCQ |d WY@ |d U3W |d LUE |d STF |d BRL |d WRM |d D6H |d WCO |d OCLCQ |d VTS |d OCLCQ |d INT |d VT2 |d OCLCQ |d N$T |d WYU |d OCLCQ |d A6Q |d OCLCQ |d LEAUB |d M8D |d UKCRE |d OCLCO |d OCLCQ |d INARC |d OCLCQ |d OCLCO |d SXB |d OCLCQ |d OCLCO | ||
019 | |a 67290245 |a 84145610 |a 162597457 |a 181421127 |a 437163441 |a 473722873 |a 475321970 |a 507548149 |a 606030999 |a 647464666 |a 722429489 |a 728037597 |a 780972090 |a 888477724 |a 961586337 |a 962649503 |a 966232129 |a 988452195 |a 991942086 |a 992022292 |a 1035697110 |a 1037519438 |a 1037693594 |a 1038632406 |a 1045536758 |a 1055401113 |a 1058102874 |a 1063991286 |a 1076307480 |a 1081293741 |a 1153563028 |a 1202567392 |a 1228551084 |a 1240508121 |a 1345652304 | ||
020 | |a 1423754174 |q (electronic bk.) | ||
020 | |a 9781423754176 |q (electronic bk.) | ||
020 | |a 0080489702 | ||
020 | |a 9780080489704 | ||
020 | |a 9781597490429 | ||
020 | |a 1597490423 | ||
035 | |a (OCoLC)64274794 |z (OCoLC)67290245 |z (OCoLC)84145610 |z (OCoLC)162597457 |z (OCoLC)181421127 |z (OCoLC)437163441 |z (OCoLC)473722873 |z (OCoLC)475321970 |z (OCoLC)507548149 |z (OCoLC)606030999 |z (OCoLC)647464666 |z (OCoLC)722429489 |z (OCoLC)728037597 |z (OCoLC)780972090 |z (OCoLC)888477724 |z (OCoLC)961586337 |z (OCoLC)962649503 |z (OCoLC)966232129 |z (OCoLC)988452195 |z (OCoLC)991942086 |z (OCoLC)992022292 |z (OCoLC)1035697110 |z (OCoLC)1037519438 |z (OCoLC)1037693594 |z (OCoLC)1038632406 |z (OCoLC)1045536758 |z (OCoLC)1055401113 |z (OCoLC)1058102874 |z (OCoLC)1063991286 |z (OCoLC)1076307480 |z (OCoLC)1081293741 |z (OCoLC)1153563028 |z (OCoLC)1202567392 |z (OCoLC)1228551084 |z (OCoLC)1240508121 |z (OCoLC)1345652304 | ||
037 | |a 116458:116556 |b Elsevier Science & Technology |n http://www.sciencedirect.com | ||
050 | 4 | |a TK5105.59 |b .B333 2006eb | |
072 | 7 | |a COM |x 060040 |2 bisacsh | |
072 | 7 | |a COM |x 043050 |2 bisacsh | |
072 | 7 | |a COM |x 053000 |2 bisacsh | |
072 | 7 | |a UACD |2 bicssc | |
082 | 7 | |a 005.8 |2 22 | |
049 | |a MAIN | ||
100 | 1 | |a Babbin, Jacob. |1 https://id.oclc.org/worldcat/entity/E39PCjGTh3G3j3wJBChBGVrb7d |0 http://id.loc.gov/authorities/names/nb2005003112 | |
245 | 1 | 0 | |a Security log management : |b identifying patterns in the chaos / |c Jacob Babbin [and others]. |
260 | |a Rockland, MA : |b Syngress, |c ©2006. | ||
300 | |a 1 online resource (xviii, 333 pages) : |b illustrations | ||
336 | |a text |b txt |2 rdacontent | ||
337 | |a computer |b c |2 rdamedia | ||
338 | |a online resource |b cr |2 rdacarrier | ||
347 | |a data file | ||
500 | |a Includes index. | ||
588 | 0 | |a Print version record. | |
505 | 0 | |a Log analysis : overall issues -- IDS reporting -- Firewall reporting -- Systems and network device reporting -- Creating a reporting infrastructure -- Scalable enterprise Solutions (ESM deployments) -- Managing log files with Microsoft Log Parser -- Investigating intrusions with Microsoft Log Parser -- Managing Snort alerts with Microsoft Log Parser. | |
520 | |a This book teaches IT professionals how to analyze, manage, and automate their security log files to generate useful, repeatable information that can be use to make their networks more efficient and secure using primarily open source tools. The book begins by discussing the Top 10 security logs that every IT professional should be regularly analyzing. These 10 logs cover everything from the top workstations sending/receiving data through a firewall to the top targets of IDS alerts. The book then goes on to discuss the relevancy of all of this information. Next, the book describes how to script open source reporting tools like Tcpdstats to automatically correlate log files from the various network devices to the Top 10 list. By doing so, the IT professional is instantly made aware of any critical vulnerabilities or serious degradation of network performance. All of the scripts presented within the book will be available for download from the Syngress Solutions Web site. Almost every operating system, firewall, router, switch, intrusion detection system, mail server, Web server, and database produces some type of log file. This is true of both open source tools and commercial software and hardware from every IT manufacturer. Each of these logs is reviewed and analyzed by a system administrator or security professional responsible for that particular piece of hardware or software. As a result, almost everyone involved in the IT industry works with log files in some capacity. * Provides turn-key, inexpensive, open source solutions for system administrators to analyze and evaluate the overall performance and security of their network * Dozens of working scripts and tools presented throughout the book are available for download from Syngress Solutions Web site. * Will save system administrators countless hours by scripting and automating the most common to the most complex log analysis tasks. | ||
504 | |a Includes index. | ||
650 | 0 | |a Computer networks |x Security measures. |0 http://id.loc.gov/authorities/subjects/sh94001277 | |
650 | 6 | |a Réseaux d'ordinateurs |x Sécurité |x Mesures. | |
650 | 7 | |a COMPUTERS |x Internet |x Security. |2 bisacsh | |
650 | 7 | |a COMPUTERS |x Networking |x Security. |2 bisacsh | |
650 | 7 | |a COMPUTERS |x Security |x General. |2 bisacsh | |
650 | 7 | |a Computer networks |x Security measures |2 fast | |
776 | 0 | 8 | |i Print version: |a Babbin, Jacob. |t Security log management. |d Rockland, MA : Syngress, ©2006 |z 1597490423 |w (OCoLC)63807023 |
856 | 4 | 0 | |l FWS01 |p ZDB-4-EBA |q FWS_PDA_EBA |u https://search.ebscohost.com/login.aspx?direct=true&scope=site&db=nlebk&AN=149571 |3 Volltext |
856 | 4 | 0 | |l FWS01 |p ZDB-4-EBA |q FWS_PDA_EBA |u https://www.sciencedirect.com/science/book/9781597490429 |3 Volltext |
938 | |a Books 24x7 |b B247 |n bks00005155 | ||
938 | |a ebrary |b EBRY |n ebr10110280 | ||
938 | |a EBSCOhost |b EBSC |n 149571 | ||
938 | |a YBP Library Services |b YANK |n 2627215 | ||
938 | |a YBP Library Services |b YANK |n 2730635 | ||
938 | |a YBP Library Services |b YANK |n 2395141 | ||
938 | |a Internet Archive |b INAR |n securitylogmanag0000babb | ||
994 | |a 92 |b GEBAY | ||
912 | |a ZDB-4-EBA | ||
049 | |a DE-863 |
Datensatz im Suchindex
DE-BY-FWS_katkey | ZDB-4-EBA-ocm64274794 |
---|---|
_version_ | 1816881634057650177 |
adam_text | |
any_adam_object | |
author | Babbin, Jacob |
author_GND | http://id.loc.gov/authorities/names/nb2005003112 |
author_facet | Babbin, Jacob |
author_role | |
author_sort | Babbin, Jacob |
author_variant | j b jb |
building | Verbundindex |
bvnumber | localFWS |
callnumber-first | T - Technology |
callnumber-label | TK5105 |
callnumber-raw | TK5105.59 .B333 2006eb |
callnumber-search | TK5105.59 .B333 2006eb |
callnumber-sort | TK 45105.59 B333 42006EB |
callnumber-subject | TK - Electrical and Nuclear Engineering |
collection | ZDB-4-EBA |
contents | Log analysis : overall issues -- IDS reporting -- Firewall reporting -- Systems and network device reporting -- Creating a reporting infrastructure -- Scalable enterprise Solutions (ESM deployments) -- Managing log files with Microsoft Log Parser -- Investigating intrusions with Microsoft Log Parser -- Managing Snort alerts with Microsoft Log Parser. |
ctrlnum | (OCoLC)64274794 |
dewey-full | 005.8 |
dewey-hundreds | 000 - Computer science, information, general works |
dewey-ones | 005 - Computer programming, programs, data, security |
dewey-raw | 005.8 |
dewey-search | 005.8 |
dewey-sort | 15.8 |
dewey-tens | 000 - Computer science, information, general works |
discipline | Informatik |
format | Electronic eBook |
fullrecord | <?xml version="1.0" encoding="UTF-8"?><collection xmlns="http://www.loc.gov/MARC21/slim"><record><leader>06285cam a2200673 a 4500</leader><controlfield tag="001">ZDB-4-EBA-ocm64274794 </controlfield><controlfield tag="003">OCoLC</controlfield><controlfield tag="005">20241004212047.0</controlfield><controlfield tag="006">m o d </controlfield><controlfield tag="007">cr cnu---unuuu</controlfield><controlfield tag="008">060224s2006 maua o 001 0 eng d</controlfield><datafield tag="010" ind1=" " ind2=" "><subfield code="z"> 2006355064</subfield></datafield><datafield tag="040" ind1=" " ind2=" "><subfield code="a">N$T</subfield><subfield code="b">eng</subfield><subfield code="e">pn</subfield><subfield code="c">N$T</subfield><subfield code="d">OCLCQ</subfield><subfield code="d">TUU</subfield><subfield code="d">OCLCQ</subfield><subfield code="d">OCLCO</subfield><subfield code="d">OCLCQ</subfield><subfield code="d">OCLCF</subfield><subfield code="d">NLGGC</subfield><subfield code="d">OCLCQ</subfield><subfield code="d">N15</subfield><subfield code="d">E7B</subfield><subfield code="d">YDXCP</subfield><subfield code="d">NTG</subfield><subfield code="d">DKDLA</subfield><subfield code="d">ZCU</subfield><subfield code="d">U5D</subfield><subfield code="d">B24X7</subfield><subfield code="d">OPELS</subfield><subfield code="d">OKU</subfield><subfield code="d">FVL</subfield><subfield code="d">DEBSZ</subfield><subfield code="d">MERUC</subfield><subfield code="d">IDEBK</subfield><subfield code="d">AU@</subfield><subfield code="d">OCLCQ</subfield><subfield code="d">COO</subfield><subfield code="d">AZK</subfield><subfield code="d">JBG</subfield><subfield code="d">LOA</subfield><subfield code="d">AGLDB</subfield><subfield code="d">COCUF</subfield><subfield code="d">CNNOR</subfield><subfield code="d">MOR</subfield><subfield code="d">PIFBR</subfield><subfield code="d">LIV</subfield><subfield code="d">OCLCQ</subfield><subfield code="d">WY@</subfield><subfield code="d">U3W</subfield><subfield code="d">LUE</subfield><subfield code="d">STF</subfield><subfield code="d">BRL</subfield><subfield code="d">WRM</subfield><subfield code="d">D6H</subfield><subfield code="d">WCO</subfield><subfield code="d">OCLCQ</subfield><subfield code="d">VTS</subfield><subfield code="d">OCLCQ</subfield><subfield code="d">INT</subfield><subfield code="d">VT2</subfield><subfield code="d">OCLCQ</subfield><subfield code="d">N$T</subfield><subfield code="d">WYU</subfield><subfield code="d">OCLCQ</subfield><subfield code="d">A6Q</subfield><subfield code="d">OCLCQ</subfield><subfield code="d">LEAUB</subfield><subfield code="d">M8D</subfield><subfield code="d">UKCRE</subfield><subfield code="d">OCLCO</subfield><subfield code="d">OCLCQ</subfield><subfield code="d">INARC</subfield><subfield code="d">OCLCQ</subfield><subfield code="d">OCLCO</subfield><subfield code="d">SXB</subfield><subfield code="d">OCLCQ</subfield><subfield code="d">OCLCO</subfield></datafield><datafield tag="019" ind1=" " ind2=" "><subfield code="a">67290245</subfield><subfield code="a">84145610</subfield><subfield code="a">162597457</subfield><subfield code="a">181421127</subfield><subfield code="a">437163441</subfield><subfield code="a">473722873</subfield><subfield code="a">475321970</subfield><subfield code="a">507548149</subfield><subfield code="a">606030999</subfield><subfield code="a">647464666</subfield><subfield code="a">722429489</subfield><subfield code="a">728037597</subfield><subfield code="a">780972090</subfield><subfield code="a">888477724</subfield><subfield code="a">961586337</subfield><subfield code="a">962649503</subfield><subfield code="a">966232129</subfield><subfield code="a">988452195</subfield><subfield code="a">991942086</subfield><subfield code="a">992022292</subfield><subfield code="a">1035697110</subfield><subfield code="a">1037519438</subfield><subfield code="a">1037693594</subfield><subfield code="a">1038632406</subfield><subfield code="a">1045536758</subfield><subfield code="a">1055401113</subfield><subfield code="a">1058102874</subfield><subfield code="a">1063991286</subfield><subfield code="a">1076307480</subfield><subfield code="a">1081293741</subfield><subfield code="a">1153563028</subfield><subfield code="a">1202567392</subfield><subfield code="a">1228551084</subfield><subfield code="a">1240508121</subfield><subfield code="a">1345652304</subfield></datafield><datafield tag="020" ind1=" " ind2=" "><subfield code="a">1423754174</subfield><subfield code="q">(electronic bk.)</subfield></datafield><datafield tag="020" ind1=" " ind2=" "><subfield code="a">9781423754176</subfield><subfield code="q">(electronic bk.)</subfield></datafield><datafield tag="020" ind1=" " ind2=" "><subfield code="a">0080489702</subfield></datafield><datafield tag="020" ind1=" " ind2=" "><subfield code="a">9780080489704</subfield></datafield><datafield tag="020" ind1=" " ind2=" "><subfield code="a">9781597490429</subfield></datafield><datafield tag="020" ind1=" " ind2=" "><subfield code="a">1597490423</subfield></datafield><datafield tag="035" ind1=" " ind2=" "><subfield code="a">(OCoLC)64274794</subfield><subfield code="z">(OCoLC)67290245</subfield><subfield code="z">(OCoLC)84145610</subfield><subfield code="z">(OCoLC)162597457</subfield><subfield code="z">(OCoLC)181421127</subfield><subfield code="z">(OCoLC)437163441</subfield><subfield code="z">(OCoLC)473722873</subfield><subfield code="z">(OCoLC)475321970</subfield><subfield code="z">(OCoLC)507548149</subfield><subfield code="z">(OCoLC)606030999</subfield><subfield code="z">(OCoLC)647464666</subfield><subfield code="z">(OCoLC)722429489</subfield><subfield code="z">(OCoLC)728037597</subfield><subfield code="z">(OCoLC)780972090</subfield><subfield code="z">(OCoLC)888477724</subfield><subfield code="z">(OCoLC)961586337</subfield><subfield code="z">(OCoLC)962649503</subfield><subfield code="z">(OCoLC)966232129</subfield><subfield code="z">(OCoLC)988452195</subfield><subfield code="z">(OCoLC)991942086</subfield><subfield code="z">(OCoLC)992022292</subfield><subfield code="z">(OCoLC)1035697110</subfield><subfield code="z">(OCoLC)1037519438</subfield><subfield code="z">(OCoLC)1037693594</subfield><subfield code="z">(OCoLC)1038632406</subfield><subfield code="z">(OCoLC)1045536758</subfield><subfield code="z">(OCoLC)1055401113</subfield><subfield code="z">(OCoLC)1058102874</subfield><subfield code="z">(OCoLC)1063991286</subfield><subfield code="z">(OCoLC)1076307480</subfield><subfield code="z">(OCoLC)1081293741</subfield><subfield code="z">(OCoLC)1153563028</subfield><subfield code="z">(OCoLC)1202567392</subfield><subfield code="z">(OCoLC)1228551084</subfield><subfield code="z">(OCoLC)1240508121</subfield><subfield code="z">(OCoLC)1345652304</subfield></datafield><datafield tag="037" ind1=" " ind2=" "><subfield code="a">116458:116556</subfield><subfield code="b">Elsevier Science & Technology</subfield><subfield code="n">http://www.sciencedirect.com</subfield></datafield><datafield tag="050" ind1=" " ind2="4"><subfield code="a">TK5105.59</subfield><subfield code="b">.B333 2006eb</subfield></datafield><datafield tag="072" ind1=" " ind2="7"><subfield code="a">COM</subfield><subfield code="x">060040</subfield><subfield code="2">bisacsh</subfield></datafield><datafield tag="072" ind1=" " ind2="7"><subfield code="a">COM</subfield><subfield code="x">043050</subfield><subfield code="2">bisacsh</subfield></datafield><datafield tag="072" ind1=" " ind2="7"><subfield code="a">COM</subfield><subfield code="x">053000</subfield><subfield code="2">bisacsh</subfield></datafield><datafield tag="072" ind1=" " ind2="7"><subfield code="a">UACD</subfield><subfield code="2">bicssc</subfield></datafield><datafield tag="082" ind1="7" ind2=" "><subfield code="a">005.8</subfield><subfield code="2">22</subfield></datafield><datafield tag="049" ind1=" " ind2=" "><subfield code="a">MAIN</subfield></datafield><datafield tag="100" ind1="1" ind2=" "><subfield code="a">Babbin, Jacob.</subfield><subfield code="1">https://id.oclc.org/worldcat/entity/E39PCjGTh3G3j3wJBChBGVrb7d</subfield><subfield code="0">http://id.loc.gov/authorities/names/nb2005003112</subfield></datafield><datafield tag="245" ind1="1" ind2="0"><subfield code="a">Security log management :</subfield><subfield code="b">identifying patterns in the chaos /</subfield><subfield code="c">Jacob Babbin [and others].</subfield></datafield><datafield tag="260" ind1=" " ind2=" "><subfield code="a">Rockland, MA :</subfield><subfield code="b">Syngress,</subfield><subfield code="c">©2006.</subfield></datafield><datafield tag="300" ind1=" " ind2=" "><subfield code="a">1 online resource (xviii, 333 pages) :</subfield><subfield code="b">illustrations</subfield></datafield><datafield tag="336" ind1=" " ind2=" "><subfield code="a">text</subfield><subfield code="b">txt</subfield><subfield code="2">rdacontent</subfield></datafield><datafield tag="337" ind1=" " ind2=" "><subfield code="a">computer</subfield><subfield code="b">c</subfield><subfield code="2">rdamedia</subfield></datafield><datafield tag="338" ind1=" " ind2=" "><subfield code="a">online resource</subfield><subfield code="b">cr</subfield><subfield code="2">rdacarrier</subfield></datafield><datafield tag="347" ind1=" " ind2=" "><subfield code="a">data file</subfield></datafield><datafield tag="500" ind1=" " ind2=" "><subfield code="a">Includes index.</subfield></datafield><datafield tag="588" ind1="0" ind2=" "><subfield code="a">Print version record.</subfield></datafield><datafield tag="505" ind1="0" ind2=" "><subfield code="a">Log analysis : overall issues -- IDS reporting -- Firewall reporting -- Systems and network device reporting -- Creating a reporting infrastructure -- Scalable enterprise Solutions (ESM deployments) -- Managing log files with Microsoft Log Parser -- Investigating intrusions with Microsoft Log Parser -- Managing Snort alerts with Microsoft Log Parser.</subfield></datafield><datafield tag="520" ind1=" " ind2=" "><subfield code="a">This book teaches IT professionals how to analyze, manage, and automate their security log files to generate useful, repeatable information that can be use to make their networks more efficient and secure using primarily open source tools. The book begins by discussing the Top 10 security logs that every IT professional should be regularly analyzing. These 10 logs cover everything from the top workstations sending/receiving data through a firewall to the top targets of IDS alerts. The book then goes on to discuss the relevancy of all of this information. Next, the book describes how to script open source reporting tools like Tcpdstats to automatically correlate log files from the various network devices to the Top 10 list. By doing so, the IT professional is instantly made aware of any critical vulnerabilities or serious degradation of network performance. All of the scripts presented within the book will be available for download from the Syngress Solutions Web site. Almost every operating system, firewall, router, switch, intrusion detection system, mail server, Web server, and database produces some type of log file. This is true of both open source tools and commercial software and hardware from every IT manufacturer. Each of these logs is reviewed and analyzed by a system administrator or security professional responsible for that particular piece of hardware or software. As a result, almost everyone involved in the IT industry works with log files in some capacity. * Provides turn-key, inexpensive, open source solutions for system administrators to analyze and evaluate the overall performance and security of their network * Dozens of working scripts and tools presented throughout the book are available for download from Syngress Solutions Web site. * Will save system administrators countless hours by scripting and automating the most common to the most complex log analysis tasks.</subfield></datafield><datafield tag="504" ind1=" " ind2=" "><subfield code="a">Includes index.</subfield></datafield><datafield tag="650" ind1=" " ind2="0"><subfield code="a">Computer networks</subfield><subfield code="x">Security measures.</subfield><subfield code="0">http://id.loc.gov/authorities/subjects/sh94001277</subfield></datafield><datafield tag="650" ind1=" " ind2="6"><subfield code="a">Réseaux d'ordinateurs</subfield><subfield code="x">Sécurité</subfield><subfield code="x">Mesures.</subfield></datafield><datafield tag="650" ind1=" " ind2="7"><subfield code="a">COMPUTERS</subfield><subfield code="x">Internet</subfield><subfield code="x">Security.</subfield><subfield code="2">bisacsh</subfield></datafield><datafield tag="650" ind1=" " ind2="7"><subfield code="a">COMPUTERS</subfield><subfield code="x">Networking</subfield><subfield code="x">Security.</subfield><subfield code="2">bisacsh</subfield></datafield><datafield tag="650" ind1=" " ind2="7"><subfield code="a">COMPUTERS</subfield><subfield code="x">Security</subfield><subfield code="x">General.</subfield><subfield code="2">bisacsh</subfield></datafield><datafield tag="650" ind1=" " ind2="7"><subfield code="a">Computer networks</subfield><subfield code="x">Security measures</subfield><subfield code="2">fast</subfield></datafield><datafield tag="776" ind1="0" ind2="8"><subfield code="i">Print version:</subfield><subfield code="a">Babbin, Jacob.</subfield><subfield code="t">Security log management.</subfield><subfield code="d">Rockland, MA : Syngress, ©2006</subfield><subfield code="z">1597490423</subfield><subfield code="w">(OCoLC)63807023</subfield></datafield><datafield tag="856" ind1="4" ind2="0"><subfield code="l">FWS01</subfield><subfield code="p">ZDB-4-EBA</subfield><subfield code="q">FWS_PDA_EBA</subfield><subfield code="u">https://search.ebscohost.com/login.aspx?direct=true&scope=site&db=nlebk&AN=149571</subfield><subfield code="3">Volltext</subfield></datafield><datafield tag="856" ind1="4" ind2="0"><subfield code="l">FWS01</subfield><subfield code="p">ZDB-4-EBA</subfield><subfield code="q">FWS_PDA_EBA</subfield><subfield code="u">https://www.sciencedirect.com/science/book/9781597490429</subfield><subfield code="3">Volltext</subfield></datafield><datafield tag="938" ind1=" " ind2=" "><subfield code="a">Books 24x7</subfield><subfield code="b">B247</subfield><subfield code="n">bks00005155</subfield></datafield><datafield tag="938" ind1=" " ind2=" "><subfield code="a">ebrary</subfield><subfield code="b">EBRY</subfield><subfield code="n">ebr10110280</subfield></datafield><datafield tag="938" ind1=" " ind2=" "><subfield code="a">EBSCOhost</subfield><subfield code="b">EBSC</subfield><subfield code="n">149571</subfield></datafield><datafield tag="938" ind1=" " ind2=" "><subfield code="a">YBP Library Services</subfield><subfield code="b">YANK</subfield><subfield code="n">2627215</subfield></datafield><datafield tag="938" ind1=" " ind2=" "><subfield code="a">YBP Library Services</subfield><subfield code="b">YANK</subfield><subfield code="n">2730635</subfield></datafield><datafield tag="938" ind1=" " ind2=" "><subfield code="a">YBP Library Services</subfield><subfield code="b">YANK</subfield><subfield code="n">2395141</subfield></datafield><datafield tag="938" ind1=" " ind2=" "><subfield code="a">Internet Archive</subfield><subfield code="b">INAR</subfield><subfield code="n">securitylogmanag0000babb</subfield></datafield><datafield tag="994" ind1=" " ind2=" "><subfield code="a">92</subfield><subfield code="b">GEBAY</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">ZDB-4-EBA</subfield></datafield><datafield tag="049" ind1=" " ind2=" "><subfield code="a">DE-863</subfield></datafield></record></collection> |
id | ZDB-4-EBA-ocm64274794 |
illustrated | Illustrated |
indexdate | 2024-11-27T13:15:50Z |
institution | BVB |
isbn | 1423754174 9781423754176 0080489702 9780080489704 9781597490429 1597490423 |
language | English |
oclc_num | 64274794 |
open_access_boolean | |
owner | MAIN DE-863 DE-BY-FWS |
owner_facet | MAIN DE-863 DE-BY-FWS |
physical | 1 online resource (xviii, 333 pages) : illustrations |
psigel | ZDB-4-EBA |
publishDate | 2006 |
publishDateSearch | 2006 |
publishDateSort | 2006 |
publisher | Syngress, |
record_format | marc |
spelling | Babbin, Jacob. https://id.oclc.org/worldcat/entity/E39PCjGTh3G3j3wJBChBGVrb7d http://id.loc.gov/authorities/names/nb2005003112 Security log management : identifying patterns in the chaos / Jacob Babbin [and others]. Rockland, MA : Syngress, ©2006. 1 online resource (xviii, 333 pages) : illustrations text txt rdacontent computer c rdamedia online resource cr rdacarrier data file Includes index. Print version record. Log analysis : overall issues -- IDS reporting -- Firewall reporting -- Systems and network device reporting -- Creating a reporting infrastructure -- Scalable enterprise Solutions (ESM deployments) -- Managing log files with Microsoft Log Parser -- Investigating intrusions with Microsoft Log Parser -- Managing Snort alerts with Microsoft Log Parser. This book teaches IT professionals how to analyze, manage, and automate their security log files to generate useful, repeatable information that can be use to make their networks more efficient and secure using primarily open source tools. The book begins by discussing the Top 10 security logs that every IT professional should be regularly analyzing. These 10 logs cover everything from the top workstations sending/receiving data through a firewall to the top targets of IDS alerts. The book then goes on to discuss the relevancy of all of this information. Next, the book describes how to script open source reporting tools like Tcpdstats to automatically correlate log files from the various network devices to the Top 10 list. By doing so, the IT professional is instantly made aware of any critical vulnerabilities or serious degradation of network performance. All of the scripts presented within the book will be available for download from the Syngress Solutions Web site. Almost every operating system, firewall, router, switch, intrusion detection system, mail server, Web server, and database produces some type of log file. This is true of both open source tools and commercial software and hardware from every IT manufacturer. Each of these logs is reviewed and analyzed by a system administrator or security professional responsible for that particular piece of hardware or software. As a result, almost everyone involved in the IT industry works with log files in some capacity. * Provides turn-key, inexpensive, open source solutions for system administrators to analyze and evaluate the overall performance and security of their network * Dozens of working scripts and tools presented throughout the book are available for download from Syngress Solutions Web site. * Will save system administrators countless hours by scripting and automating the most common to the most complex log analysis tasks. Computer networks Security measures. http://id.loc.gov/authorities/subjects/sh94001277 Réseaux d'ordinateurs Sécurité Mesures. COMPUTERS Internet Security. bisacsh COMPUTERS Networking Security. bisacsh COMPUTERS Security General. bisacsh Computer networks Security measures fast Print version: Babbin, Jacob. Security log management. Rockland, MA : Syngress, ©2006 1597490423 (OCoLC)63807023 FWS01 ZDB-4-EBA FWS_PDA_EBA https://search.ebscohost.com/login.aspx?direct=true&scope=site&db=nlebk&AN=149571 Volltext FWS01 ZDB-4-EBA FWS_PDA_EBA https://www.sciencedirect.com/science/book/9781597490429 Volltext |
spellingShingle | Babbin, Jacob Security log management : identifying patterns in the chaos / Log analysis : overall issues -- IDS reporting -- Firewall reporting -- Systems and network device reporting -- Creating a reporting infrastructure -- Scalable enterprise Solutions (ESM deployments) -- Managing log files with Microsoft Log Parser -- Investigating intrusions with Microsoft Log Parser -- Managing Snort alerts with Microsoft Log Parser. Computer networks Security measures. http://id.loc.gov/authorities/subjects/sh94001277 Réseaux d'ordinateurs Sécurité Mesures. COMPUTERS Internet Security. bisacsh COMPUTERS Networking Security. bisacsh COMPUTERS Security General. bisacsh Computer networks Security measures fast |
subject_GND | http://id.loc.gov/authorities/subjects/sh94001277 |
title | Security log management : identifying patterns in the chaos / |
title_auth | Security log management : identifying patterns in the chaos / |
title_exact_search | Security log management : identifying patterns in the chaos / |
title_full | Security log management : identifying patterns in the chaos / Jacob Babbin [and others]. |
title_fullStr | Security log management : identifying patterns in the chaos / Jacob Babbin [and others]. |
title_full_unstemmed | Security log management : identifying patterns in the chaos / Jacob Babbin [and others]. |
title_short | Security log management : |
title_sort | security log management identifying patterns in the chaos |
title_sub | identifying patterns in the chaos / |
topic | Computer networks Security measures. http://id.loc.gov/authorities/subjects/sh94001277 Réseaux d'ordinateurs Sécurité Mesures. COMPUTERS Internet Security. bisacsh COMPUTERS Networking Security. bisacsh COMPUTERS Security General. bisacsh Computer networks Security measures fast |
topic_facet | Computer networks Security measures. Réseaux d'ordinateurs Sécurité Mesures. COMPUTERS Internet Security. COMPUTERS Networking Security. COMPUTERS Security General. Computer networks Security measures |
url | https://search.ebscohost.com/login.aspx?direct=true&scope=site&db=nlebk&AN=149571 https://www.sciencedirect.com/science/book/9781597490429 |
work_keys_str_mv | AT babbinjacob securitylogmanagementidentifyingpatternsinthechaos |