Kevin Lawrence will be presenting Putting Your Logs on a Diet at BayThreat 2011 on Saturday, December 10th at the Hacker Dojo, in Mountain View, CA.
Abstract: Cut the fat from your logs and make adjustments to maximize their impact without expensive investment in even more tools. There are creative ways to adjust your log configurations beyond the default settings to get more meaningful data that leads to actionable results. Less, often means more when you are trying to identify potential security incidents. Three key areas for focus include: targeting what you want to log, identifying incidents within those logs, and how to correlate multiple log sources to help paint the big picture. This presentation assumes that the organization is both already logging for standard access and system logs and that there are appropriate staff to interpret and guide response.
[download id="3771" format="5"]