[syslog-ng] log for patterns
Martin Holste
mcholste at gmail.com
Thu Sep 1 18:28:22 CEST 2011

If there's not one already, Apache common log format would be worthwhile.

On Thu, Sep 1, 2011 at 3:52 AM, Peter Czanik <czanik at balabit.hu> wrote:
> Hello,
>
> While my previous post was about Windows, we did not forget about our
> UNIX/Linux users :) I'd like to extend our pattern database with new
> patterns. So I have some related questions:
>
> - Until now we dealt mostly with login/logout events of different
> applications, as this is one of the most interesting pieces of information on
> servers. Is it OK with you, or should we also cover other events? (Which?)
>
> - Which applications are you mostly interested in?
>
> - Creating logs in a "lab" environment just for pattern creation is very
> time consuming. It would be very helpful for us if you could send logs
> in exchange for patterns. Just make sure that there is no sensitive
> data left in the logs, as the result will be published to make it
> available for the whole syslog-ng community.
> I published a blog (
> http://czanik.blogs.balabit.com/2010/11/log-sample-collecting-project/
> ), how I collect logs for pattern creation, but of course, any logs are
> welcome!
>
> Bye,
>
> --
> Peter Czanik (CzP) <czanik at balabit.hu>
> BalaBit IT Security / syslog-ng upstream
> http://czanik.blogs.balabit.com/