Read more
Klappentext This book teaches IT professionals how to analyze! manage! and automate their security log files to generate useful! repeatable information that can be use to make their networks more efficient and secure using primarily open source tools. The book begins by discussing the ôTop 10ö security logs that every IT professional should be regularly analyzing. These 10 logs cover everything from the top workstations sending/receiving data through a firewall to the top targets of IDS alerts. The book then goes on to discuss the relevancy of all of this information. Next! the book describes how to script open source reporting tools like Tcpdstats to automatically correlate log files from the various network devices to the ôTop 10ö list. By doing so! the IT professional is instantly made aware of any critical vulnerabilities or serious degradation of network performance. All of the scripts presented within the book will be available for download from the Syngress Solutions Web site. Zusammenfassung Teaches IT professionals how to analyze! manage! and automate their security log files to generate useful! repeatable information that can be used to make their networks efficient and secure using primarily open source tools. This book begins by discussing the 'Top 10' security logs that IT professionals should be regularly analyzing. Inhaltsverzeichnis Introduction to Security Log Management; The Top 10 Security Logs; IDS Reporting; Firewall Reporting; Systems and Network Device Reporting; Creating a Reporting Infrastructure; Scalable! Enterprise solutions (ESM deployments); Planning for the Future
