Security Log Management: Identifying Patterns in the Chaos
by Jacob Babbin, Dave Kleiman, Everett F. Carter Jr., Jeremy Faircloth, Mark Burnett, Esteban Gutierrez

Book Summary Information

Author: Dave Kleiman, Esteban Gutierrez, Everett F. Carter Jr., Jacob Babbin, Jeremy Faircloth, Mark Burnett
Edition: Paperback
Language: English
Format: Illustrated
Published: 2006-01-13
ISBN: 1597490423
Number of pages: 350
Publisher: Syngress

Book Reviews of Security Log Management: Identifying Patterns in the Chaos

Book Review: CAPTAIN'S SECURITY LOG: STARDATE: NOW
Summary: 5 Stars

Do you know how to manage your security log? If you don't, then this book is for you. Authors Jacob Babbin, Dave Kleiman, Everett F. Carter Jr., Jeremy Faircloth, Mark Burnett and Esteban Gutierrez have done an outstanding job of writing a book that shows you exactly how to solve the various problems pertinent to log generation, storage, processing, and reporting.

Babbin, Kleiman, Carter Jr., Faircloth, Burnett and Gutierrez begin by covering how to get more information out of your passive detection systems. Then, the authors explore how to find key events in the log files of your Web servers and their host systems, and how to correlate data to give you useful reports. Next, they illustrate the depth and breadth your security logs can cover. They continue by exploring what ESM is, how it works, and when and where it should be used. In addition, the authors go over each of the primary areas of focus, and show you some techniques you can use to best manage your log files. Finally, they show you how to build a toolbox of queries that you will have ready to use if needed.

The ideas and tools shown in this most excellent book will help your organization in several ways. Perhaps more importantly, if you keep all of the solutions shown in this book in mind, your organization should have a flexible, scalable, remotely accessible security reporting infrastructure that can bend to the needs of an organization.

Summary of Security Log Management: Identifying Patterns in the Chaos

As a system administrator or security professional, you probably find yourself inundated each day with a deluge of log files from seemingly countless devices, servers, and applications on your network, ranging from Windows Server to Snort to your PIX firewall and everything in between. At times, the task of "seeing the forest through the trees" to extract useful, repeatable information from these logs may seem almost impossible. This unique book shows you how to use a combination of open source software, such as Tcpdstats and Snort perfmonitor, to create succinct, meaningful reports that give you the big picture of your network's overall health and well-being. So, if you need to analyze and prioritize everything from how much of your bandwidth is devoted to browsing ESPN.com to the most targeted machines in your IDS logs, this is the book for you. This book teaches IT professionals how to analyze, manage, and automate their security log files to generate useful, repeatable information that can be used to make their networks more efficient and secure, using primarily open source tools.

The book begins by discussing the "Top 10" security logs that every IT professional should be regularly analyzing. These 10 logs cover everything from the top workstations sending and receiving data through a firewall to the top targets of IDS alerts. The book then goes on to discuss the relevance of all of this information. Next, the book describes how to script open source reporting tools like Tcpdstats to automatically correlate log files from the various network devices against the "Top 10" list. By doing so, the IT professional is instantly made aware of any critical vulnerabilities or serious degradation of network performance. All of the scripts presented within the book will be available for download from the Syngress Solutions Web site.
