[BBLISA] Meeting this Wednesday (9/9/2009)
Bill Bogstad
bogstad at pobox.com
Mon Sep 7 21:30:09 EDT 2009
John Rouillard returns this month to talk about log analysis.
This time, I'll be the warm up act from 7-7:30
=========================================================================
Date: September 9, 2009
Time: 7:00-9:00 PM
Location: MIT
Building E51, Room 315
Corner of Amherst & Wadsworth Streets
Cambridge, MA
Schedule: 7:00-7:30 Introductions/Resume Sharing/Job Openings
7:30-9:00 Speaker's presentation and discussion
9:00-?? Adjourn to local eating/drinking establishment
Coordinator: Bill Bogstad
Speaker: John P. Rouillard
Topic: Log Analysis Using the Simple Event Correlator (part 1)
Description:
Our past determines our present. How good a job are you doing at
managing your past? We all have horror stories of failures that could
have been prevented if only somebody had bothered to look at the
application/system/software logs a few week prior.
This is part 1 (other parts to be given based on interest) of a
course on deploying the Simple Event Correlator. The presenter is
teaching a full day tutorial on this topic at LISA 2009. This
presentation for BBLISA covers selected parts of the full tutorial:
* using loghound and slct for initial log identification
* starting and running SEC
* basic rules supported in SEC
* basic rule creation, testing, debugging and a tool to assist
* An example ssh blocking application (similar to sshblack)
If you are able to bring a laptop, RSVP to rouilj at ieee dot org
and you can get the slide presentation and supporting materials
in tiddlywiki format that you can annotate during the talk.
========================================================================
Directions can be found at:
http://www.bblisa.org/directions.html
Park on-street or in the MIT lot on Hayward St.
More information about the bblisa
mailing list