OSSEC at the SANS log management summit used to save $45k from a commercial SIEM.
Indicators of Compromised Behavior (IOCd-B) using log analysis.
Very few people pay attention to database logging, and in this article we will explain how to enable logging for PostgreSQL and MySQL.
Ugliest application logs ever. Can we have a winner?
Bruce Schneier on log analysis - did you know he is a fan of logging?
Remote log injection paper - attacking log analysis tools just released.
Security monitoring and log analysis to complement your other intrusion detection tools.
Logging authentication events from Cisco IOS routers