(the UK's Unix & Open Systems User Group)
Tutorial: Building an Enterprise Logging Infrastructure
This tutorial illustrates the importance of a network-wide, centralized logging infrastructure, introduces several approaches to monitoring audit logs, and explains the types of information and forensics that can be obtained with well-managed logging systems.
Every device on your network--routers, servers, firewalls, application software--spits out millions of lines of audit information a day. Hidden within the data that indicate normal day-to-day operation (and known problems) are the first clues that systems are breaking down, attackers are breaking in, and end users are breaking up. If you manage that data flow, you can run your networks more effectively.
This class won't teach you how to write Perl scripts to simplify your logfiles. It will teach you how to build a log management infrastructure, how to figure out what your log data means, and what in the world you do with it once you've acquired it.
Who should attend?
System administrators and network managers responsible for monitoring and maintaining the health and well-being of computers and network devices in an enterprise environment. Although some review is provided, participants should be familiar with the UNIX and Windows operating systems and basic network security.
About the tutor
Tina Bird brings rigorous scientific discipline, a wealth of network administration and Internet security expertise, and substantial teaching experience to her role as a Computer Security Officer for Stanford University. At Stanford, she works on the design and implementation of security infrastructure for University systems; writing Security Alerts for desktop and server machines on the 40000-host network; healthcare information security & HIPAA compliance; and extending the university's logging infrastructure. She is the primary Stanford representative for FIRST, the Forum of Incident Response and Security Teams.
She moderates the Log Analysis and VPN mailing lists. With Marcus Ranum, she runs www.loganalysis.org, a portal for building enterprise logging infrastructures and interpreting log data. She is slowly authoring a Short Topics guide to system logging for SAGE, the System Administrators Guild. She is a co-moderator of the newly founded Patch Management mailing list.
Page last modified 16 Jun 2004
Copyright © 1995-2011 UKUUG Ltd.