Chap. 17 showed that our approach can cover all categories of audit data if it is applied to ASCII-format audit data. A main source of ASCII-format audit data is the syslog audit service, which many audit components in Unix systems use by default. The syslog audit service is therefore described in the necessary detail in this chapter.
Keywords: Intrusion Detection, Intrusion Detection System, Audit Data, Unix System, Audit Record