Microsoft's LogParser can be used for all types of server log files, including security event log, web and ftp logs, etc. ddv
SecurityFocus HOME Infocus: Forensic Log Parsing with Microsoft's LogParser: "Investigating a web-based intrusion can be a daunting task, especially when you have no information other than knowing it was web-based. It is easy to waste precious time digging through megabytes, perhaps even gigabytes, of log files trying to locate suspicious activity. Often this search turns up little useful evidence. "
SecurityFocus HOME Infocus: Forensic Log Parsing with Microsoft's LogParser: "Investigating a web-based intrusion can be a daunting task, especially when you have no information other than knowing it was web-based. It is easy to waste precious time digging through megabytes, perhaps even gigabytes, of log files trying to locate suspicious activity. Often this search turns up little useful evidence. "
Comments