Michael Mullins wrote an interesting article with eight daily steps to secure your network. What I really liked is that at least 3 of these 8 steps mentioned involves looking at logs. He mentioned looking at antivirus, security and IDS/firewall logs… great suggestions! However, monitoring these logs MANUALLY every day, as he suggested, can be very hard and time consuming… In addition to that, just by browsing the logs you will miss a lot of good information and correlation that just an automated tool can find. What about using a tool designed for this purpose? OSSEC can analyze every mentioned log and much more…