Wednesday, April 04, 2007

On Packet Logging and ... ehhh... Log Logging

Here is a weird one: what does capturing packets have to do with log management? While some people can spend hours debating whether something like an SNMP trap is, in fact, a log, few would consider PCAP files to be logs.

However, look at this recent PR piece from Sourcefire, which introduces daemonlogger, a tool to efficiently capture packets (kind of tcpdump on steroids). The piece does mention "logs" and "logging" (and even log management) way too many times.

What's up with that? Is logging cool again? :-) Or is somebody at Sourcefire thinking about logs? They do need to diversify, ya know...

Dr Anton Chuvakin