Comments on: Standard Logging Format – Common Event Expression (CEE) http://raffy.ch/blog/2007/04/19/standard-logging-format-common-event-exchange-cee/ Big data analytics and visualization Tue, 15 May 2012 02:36:10 +0000 hourly 1 http://wordpress.org/?v=3.2.1 By: Raffael Marty http://raffy.ch/blog/2007/04/19/standard-logging-format-common-event-exchange-cee/comment-page-1/#comment-9904 Raffael Marty Tue, 27 Nov 2007 18:08:44 +0000 http://raffy.ch/blog/2007/04/19/standard-logging-format-common-event-exchange-cee/#comment-9904 It is really close now! Hang on tight. The site is ready, but is going through approval processes. It's very very close! It is really close now! Hang on tight. The site is ready, but is going through approval processes. It’s very very close!

]]> By: sectrix http://raffy.ch/blog/2007/04/19/standard-logging-format-common-event-exchange-cee/comment-page-1/#comment-9903 sectrix Tue, 27 Nov 2007 17:54:26 +0000 http://raffy.ch/blog/2007/04/19/standard-logging-format-common-event-exchange-cee/#comment-9903 On http://cee.mitre.org is only apache test page! Where I can get CEE? On http://cee.mitre.org is only apache test page! Where I can get CEE?

]]> By: Raffy’s Computer Security Blog » CEE - CEF - Event Interoperability Standards http://raffy.ch/blog/2007/04/19/standard-logging-format-common-event-exchange-cee/comment-page-1/#comment-6688 Raffy’s Computer Security Blog » CEE - CEF - Event Interoperability Standards Wed, 18 Jul 2007 22:44:48 +0000 http://raffy.ch/blog/2007/04/19/standard-logging-format-common-event-exchange-cee/#comment-6688 [...] for example is something that should not depend on the syntax and vice versa. I keep haing to make that point. The ArcSight CEF standard is not bound to any transport. Use anything. If you don’t have [...] [...] for example is something that should not depend on the syntax and vice versa. I keep haing to make that point. The ArcSight CEF standard is not bound to any transport. Use anything. If you don’t have [...]

]]> By: DC http://raffy.ch/blog/2007/04/19/standard-logging-format-common-event-exchange-cee/comment-page-1/#comment-6298 DC Fri, 29 Jun 2007 14:01:26 +0000 http://raffy.ch/blog/2007/04/19/standard-logging-format-common-event-exchange-cee/#comment-6298 In this post, you state there are 20 vendors or so working with CEF. Are they posted somewhere on who they are? http://www.loganalysis.org/pipermail/loganalysis/2007-April/000089.html In this post, you state there are 20 vendors or so working with CEF. Are they posted somewhere on who they are?

http://www.loganalysis.org/pipermail/loganalysis/2007-April/000089.html

]]> By: David Corlette http://raffy.ch/blog/2007/04/19/standard-logging-format-common-event-exchange-cee/comment-page-1/#comment-4620 David Corlette Wed, 16 May 2007 14:55:39 +0000 http://raffy.ch/blog/2007/04/19/standard-logging-format-common-event-exchange-cee/#comment-4620 Hello, Item 2 above is entirely not true; there is an existing standard called XDAS which defines event taxonomy as well as formats (item 1). This is an open standard developed by the OpenGroup. <a href="http://www.opengroup.org/security/das/xdas_int.htm" rel="nofollow">http://www.opengroup.org/security/das/xdas_int.htm </a> It also includes an API definition for auditing that can use a variety of transport methods; item 3 above is not necessary as the format should be independent of delivery method. Hello,

Item 2 above is entirely not true; there is an existing standard called XDAS which defines event taxonomy as well as formats (item 1). This is an open standard developed by the OpenGroup.

http://www.opengroup.org/security/das/xdas_int.htm

It also includes an API definition for auditing that can use a variety of transport methods; item 3 above is not necessary as the format should be independent of delivery method.

]]>