[thelist] Sample Security Log File

Ken Schaefer Ken at adOpenStatic.com
Tue Jan 23 07:37:09 CST 2007


a) What does this have to do with web development?

b) What sort of log file standard is this? I've never seen it before. As a
follow-up to that question - if it's some logfile you just came up with, then
you'd need to generate your own logfile. If you are open to any old logfile
format then just grab something out of whatever system(s) you are looking
after. You can even get events like that straight from a Windows system (just
dump the Security event log after turning on auditing for all security
events). You just need to parse the .evt file (or use the LogParser tool).

Cheers
Ken



-----Original Message-----
From: thelist-bounces at lists.evolt.org
[mailto:thelist-bounces at lists.evolt.org] On Behalf Of Mohsen Saboorian
Sent: Wednesday, 24 January 2007 12:33 AM
To: thelist at lists.evolt.org
Subject: [thelist] Sample Security Log File

Hi,
I'm looking for a sample security log/dump file, to test an offline
intrusion detection system. The log file should have an action + user
name who does the action in each line. A sample log file would be like
this (however the format is free):

[user1] - 1-1-2007-20:10:39 : logged in
[user2] - 1-1-2007-20:10:55 : logged in
[user1] - 1-1-2007-20:13:41 : changed the password
[user6] - 1-1-2007-20:14:32 : loaded custom application: xyz
[user5] - 1-1-2007-20:20:19 : sent email
[user1] - 1-1-2007-20:30:01 : logged out
....

Thanks.
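
A parser for the sample format quoted above, with one offline check (events from a user who has no open login session), as an added example that is not part of the original thread. The day-month-year date order, the function names and the check itself are assumptions; the sample lines are copied from the post.

```python
import re
from datetime import datetime

# Sample lines copied from the post above; the format is the poster's own.
SAMPLE = """\
[user1] - 1-1-2007-20:10:39 : logged in
[user2] - 1-1-2007-20:10:55 : logged in
[user1] - 1-1-2007-20:13:41 : changed the password
[user6] - 1-1-2007-20:14:32 : loaded custom application: xyz
[user5] - 1-1-2007-20:20:19 : sent email
[user1] - 1-1-2007-20:30:01 : logged out
"""

LINE_RE = re.compile(
    r"^\[(?P<user>[^\]]+)\] - "
    r"(?P<ts>\d{1,2}-\d{1,2}-\d{4}-\d{2}:\d{2}:\d{2}) : (?P<action>.+)$")

def parse_line(line):
    """Return (user, datetime, action), or None if the line does not match."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    # Assumption: day-month-year order; the sample (1-1-2007) does not disambiguate.
    try:
        ts = datetime.strptime(m["ts"], "%d-%m-%Y-%H:%M:%S")
    except ValueError:          # e.g. 31-2-2007: right shape, impossible date
        return None
    return m["user"], ts, m["action"]

def actions_without_session(text):
    """Flag events from users with no open session (no prior 'logged in')."""
    active, findings, rejected = set(), [], []
    for n, line in enumerate(text.splitlines(), 1):
        if not line.strip():
            continue
        rec = parse_line(line)
        if rec is None:
            rejected.append(n)  # keep unparseable lines visible, never drop silently
            continue
        user, ts, action = rec
        if action == "logged in":
            active.add(user)
        elif user not in active:
            findings.append((user, ts, action))
        elif action == "logged out":
            active.discard(user)
    return findings, rejected
```

On the sample, the check reports user6 and user5, whose events appear with no preceding login; line numbers of anything that fails to parse (such as a trailing `....`) are returned separately.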
 


