
Blogs about: Log Management

Featured Blog

Directory Services Auditing

ithompson wrote 1 week ago: I’ve been asked by a customer to take a look at their level of Directory Services Auditing.  I … more →

Tags: Directory Services, Active Directory auditing, directory services auditing

Audit Account Logon vs Audit Logon/Logoff

ithompson wrote 1 month ago: Over the past several years I’ve been explaining the difference between these two audit policies. … more →

Tags: Audit Account Logon, Audit Logon/Logoff, Audit Policy, Audting, event log, Account Logon, Audit log, Logon/Logoff events

Ten Reasons Log Data is Not Enough: #5. Who dat installing software?

Mike Rothman wrote 2 months ago: As we continue down our analysis of why log data is not enough, the next issue we discover is instal … more →

Tags: Log Management Series, Security, Asset Management, Software-install

Ten Reasons Log Data is Not Enough: #4. Network Blind Mice (1 comment)

Mike Rothman wrote 2 months ago: As we discussed in the last post in the Ten Reasons Log Data is Not Enough series, configuration dat … more →

Tags: Log Management Series, Security, Log Data is Not Enough, Network flow, network behavioral analysis

Ten Reasons Log Data is Not Enough: #3. What's the Configuration, Kenneth? (2 comments)

Mike Rothman wrote 2 months ago: As we resume our series on why Log Data is Not Enough, the 3rd reason we have underscores the import … more →

Tags: Compliance, Log Management Series, Configuration Audit, Log Data is Not Enough

Ten Reasons Log Data is Not Enough: #2. Partial Regulation Coverage

Mike Rothman wrote 2 months ago: For those organizations looking specifically to check the compliance box, log management is one of t … more →

Tags: Compliance, Log Management Series, SIEM, Log Data is Not Enough

Ten Reasons Log Data is Not Enough: #1. Logging can be turned off (2 comments)

Mike Rothman wrote 2 months ago: Welcome to the latest series here on eIQviews. Over the next 10 days, we’ll discuss a number o … more →

Tags: Log Management Series, SIEM

How long to keep security data?

Mike Rothman wrote 3 months ago: In digging back through some of my bookmark archives, I came across this post from Burton’s Tr … more →

Tags: user issues, burton group, log data, log retention, Trent Henry

More Info on Tracking Down File Deletes

ithompson wrote 3 months ago: Quite awhile ago I wrote a blog entry on Tracking Down File Deletes, it continues to be one of my mo … more →

Tags: Audit Policy, event log, File Deletes, Object Access, event id 4656, event id 560, File Delete, Object Access Auditing, track file changes

Defining SIEM/Log Management "Integration" (2 comments)

Mike Rothman wrote 4 months ago: integrate verb [ trans. ] 1 combine (two things) so that they become a whole Based on market dynamic … more →

Tags: Product, SIEM, Integration, false marketing claims

IIS status code

ithompson wrote 6 months ago: Here is a link to some good information about the IIS status / sub-status codes for IIS 5 and 6. Chr … more →

Tags: iis, IIS status code, IIS sub-status codes

Enterprises Still Struggling To Get Results From SIEM, Log Management

o24int wrote 6 months ago: Most survey respondents still haven’t achieved quantifiable benefits, study says Can you tell … more →

Tags: Vulnerability Management, SIEM

Detecting Insider Threats

ithompson wrote 7 months ago: Over the last few weeks I have been putting together a whitepaper on detecting insider threats (on a … more →

Tags: Audting, hacking, insider hacks, Insider Threats

Log Management

leonmiri wrote 7 months ago: http://www.cloudsecurityalliance.org/guidance/csaguide.pdf … more →

Written Policy without Process and Oversight is Just Wasted Effort

Tom Olzak wrote 7 months ago: Whether prompted by regulations or by management intent to comply with security best practices, the … more →

Tags: business continuity, data security, Policies and Processes, breach, Process, procedure, Policy, sanctions, Change Management

LogDataisNOTEnough.com

Mike Rothman wrote 7 months ago: Today we launched both a major update to our corporate site (http://www.eiqnetworks.com) as well as … more →

Tags: Announcements, Log Data is Not Enough

What we learn from Log Data

Mike Rothman wrote 7 months ago: As we continue through our series on Log Management, let’s evaluate the kinds of information t … more →

Tags: Log Management Series, Firewall, IP's, log data

Limitations of Logs

Mike Rothman wrote 8 months ago: As we continue our series on log management (check out: Why do we care about logs anyway?), let’s di … more →

Tags: Log Management Series

Why do we care about logs anyway? (1 comment)

Mike Rothman wrote 8 months ago: I’m sure you’ve been hearing all about log files for a while. The idea of gathering log files is par … more →

Tags: Log Management Series

