[BBLISA] September BBLISA meeting recap.
John P. Rouillard
rouilj at cs.umb.edu
Fri Sep 11 13:36:58 EDT 2009
Hi all:
We had 12 people show up for the September BBLISA meeting, which was a
whopping 100% increase from last month. Thanks to all who came.
We are back in our usual room, and the homey feeling I am sure helped.
The talk covered the basic landscape of using SEC for log
analysis. While it didn't include any examples, questions from the
audience prompted a diversion into some examples including:
capturing a session and reporting the whole session if an event in the
session is anomalous
when to use sec generated events to categorize and count network
interface outages
Why [A-Z]+ doesn't always match what you think (and why we aren't as
smart as a fifth grader).
The basic feeling from the room was that the coursebook was "cool", so
I would say it was a successful test. So thanks to those of you who
RSVP'ed and followed along with the coursebook. If you have more
feedback about the coursebook please feel free to drop me an email and
I will try to fix it and if possible release an update.
--
-- rouilj
John Rouillard
===========================================================================
My employers don't acknowledge my existence much less my opinions.
More information about the bblisa
mailing list