Monthly Archives: November 2006

Ossec snapshot available

It has been a while since the last time I released a stable snapshot of ossec. However, after lots of new features and code changes, it is time to start doing that again. Hopefully we will add all the … Continue reading

Posted in ossec | 3 Comments

Logging authentication events from IOS

At ossec we have a long list of log formats to add support for in the next version, and one of them is the Cisco IOS logs. Since it is such a common device, I decided to start working on that… One … Continue reading

Posted in cisco, log analysis | 1 Comment

Release of ossec web ui (oswui) 0.1-beta

I just released the first beta version of oswui (ossec web ui). The code is very simple and does not require a database or anything special running in the server. Hopefully after this release some web programmers will join us … Continue reading

Posted in log analysis, ossec, ossec-ui | 4 Comments

Documenting ossec rules

I am in the process of documenting all ossec rules at the project’s wiki. We currently have 402 rules and I just finished beta-documenting all apache and arpwatch ones. My main goal is to provide for each rule a simple … Continue reading

Posted in ossec | 4 Comments

Fun with logs

If you have ever been involved with log analysis, you have probably had the experience of looking at a log entry and finding it so useless and so weird that your only reaction was to laugh. Today I had this experience … Continue reading

Posted in fun, log analysis | Leave a comment

Microsoft and Novell partnership over Linux?

I know this is off-topic for this blog, but I can’t imagine why Microsoft would want to build a partnership with Novell over Linux. I heard a comment that they are doing that just to cause trouble for the Oracle … Continue reading

Posted in off | 1 Comment