[BBLISA] Meeting this Wednesday (9/9/2009)

Bill Bogstad bogstad at pobox.com
Mon Sep 7 21:30:09 EDT 2009


John Rouillard returns this month to talk about log analysis.
This time, I'll be the warm up act from 7-7:30

=========================================================================

Date:        September 9, 2009
Time:        7:00-9:00 PM

Location:    MIT
            Building E51, Room 315
            Corner of Amherst & Wadsworth Streets
            Cambridge, MA

Schedule:    7:00-7:30       Introductions/Resume Sharing/Job Openings
            7:30-9:00       Speaker's presentation and discussion
            9:00-??         Adjourn to local eating/drinking establishment

Coordinator: Bill Bogstad

Speaker: John P. Rouillard

Topic: Log Analysis Using the Simple Event Correlator (part 1)

Description:

 Our past determines our present. How good a job are you doing at
 managing your past? We all have horror stories of failures that could
 have been prevented if only somebody had bothered to look at the
 application/system/software logs a few week prior.

 This is part 1 (other parts to be given based on interest) of a
 course on deploying the Simple Event Correlator. The presenter is
 teaching a full day tutorial on this topic at LISA 2009.  This
 presentation for BBLISA covers selected parts of the full tutorial:
    * using loghound and slct for initial log identification
    * starting and running SEC
    * basic rules supported in SEC
    * basic rule creation, testing, debugging and a tool to assist
    * An example ssh blocking application (similar to sshblack)

 If you are able to bring a laptop, RSVP to rouilj at ieee dot org
 and you can get the slide presentation and supporting materials
 in tiddlywiki format that you can annotate during the talk.

========================================================================


Directions can be found at:

http://www.bblisa.org/directions.html

Park on-street or in the MIT lot on Hayward St.




More information about the bblisa mailing list