SANS InfoSec Reading Room - Logging Technology and Techniques
Most of the computer security white papers in the Reading Room have been written by students seeking GIAC certification to fulfill part of their certification requirements and are provided by SANS as a resource to benefit the security community at large. SANS attempts to ensure the accuracy of information, but papers are published "as is". Errors or inconsistencies may exist or may be introduced over time as material becomes dated. If you suspect a serious error, please contact webmaster@sans.org.
Featuring 24 papers as of May 12, 2008
Closing Internal User Visibility and Data Governance Gaps with PacketMotion
PacketMotion - April 2008
- Detecting Attacks on Web Applications from Log Files
- Roger Meyer
- January 31, 2008

- Configuring and Tuning Cisco CS-MARS
- John Jarocki
- January 4, 2008

- Log Analyzer for Dummies
- Emilio Valente
- December 20, 2007

- Log Management SIMetry: A Step by Step Guide to Selecting the Correct Solution
- Jim Beechey
- October 25, 2007

- A Practical Application of SIM/SEM/SIEM Automating Threat Identification
- David Swift
- May 21, 2007

- Visual Baselines - Maximizing Economies of Scale Using Round Robin Databases
- Kirsten Hook
- January 11, 2007

- Building a Secure Nagios Server
- Chris Dahlke
- May 17, 2005

- Configuring a Free Automated Host Auditing System for Windows 2000 Server and 2003 Server
- Ryan Mortensen
- May 5, 2005

- How to Configure Local Logging on Solaris 8 and Use Symantec Intruder Alert for Centralized Logging
- Nolan Haisler
- May 5, 2005

- Securing a Network Device Support Server Running Debian Linux
- Douglas Ridgeway
- May 5, 2005

- Creating A Secure Linux Logging System
- Nathaniel Hall
- January 19, 2005

- The Importance of Logging and Traffic Monitoring for Information Security
- Seham GadAllah
- April 19, 2004

- Low- to No-Cost Methods to Review Webserver Logs for Potential Security Issues
- Edgar Glasheen
- December 14, 2003

- Syslog and Netsaint: How to Integrate Centralized Logging with Centralized Monitoring
- Richard Murphy
- October 31, 2003

- Cisco Pix: Logging and Beyond
- Ben Carlsrud
- October 31, 2003

- Importance of Understanding Logs from an Information Security Standpoint
- Stewart Allen
- October 31, 2003

- Effective Logging & Use of the Kiwi Syslog Utility
- Brian R. Wilkins
- October 31, 2003

- Centralizing Event Logs on Windows 2000
- Gregory Lalla
- October 31, 2003

- Case Study: Using Syslog in a Microsoft & Cisco Environment
- Dan Rathbun
- October 31, 2003

- A Security Analysis of System Event Logging with Syslog
- Kenneth Nawyn
- October 31, 2003

- Log Analysis as an OLAP Application - A Cube to Rule Them All -
- Clement Leong
- October 31, 2003

- The Ins and Outs of System Logging Using Syslog
- Ian Eaton
- October 31, 2003

- Security Management Systems: An Oversight Layer for Layers of Defense
- Dan Keldsen
- October 31, 2003
