creator/Anthropic-Cybersecurity-Skills
1
0
Fork 0
mirror of https://github.com/mukul975/Anthropic-Cybersecurity-Skills.git synced 2026-06-13 06:34:57 +03:00
Code Issues Packages Projects Releases Wiki Activity
Files
d5f3fa32486ea335db802d68fe2147fa2da69583
Anthropic-Cybersecurity-Skills/skills/performing-linux-log-forensics-investigation/references/standards.md
T

660 B
Raw Blame History

Standards - Linux Log Forensics

Standards

  • NIST SP 800-92: Guide to Computer Security Log Management
  • NIST SP 800-86: Guide to Integrating Forensic Techniques
  • RFC 5424: The Syslog Protocol

Key Log Locations

  • /var/log/auth.log (Debian) or /var/log/secure (RHEL): Authentication events
  • /var/log/syslog (Debian) or /var/log/messages (RHEL): System messages
  • /var/log/kern.log: Kernel messages
  • /var/log/audit/audit.log: Linux Audit Framework
  • /var/log/wtmp, /var/log/btmp, /var/log/lastlog: Login records (binary)

Tools

  • journalctl: Systemd journal query tool
  • ausearch/aureport: Audit log analysis
  • logwatch, lnav: Log analysis utilities
Reference in New Issue View Git Blame Copy Permalink