Archive for December, 2012

Each applications, OS, network and security devices have their own way to log events, and so far, there is no widely adopted standard that allow to easily integrate all logs into SIEM solution. Here’s the main standard and their key points:
IDMEF:The IDMEF standard, mainly focused on IDS, is now almost dead.
CEF (Common Event Format): [...]

December 30, 2012, 1:13 am lock