08.04.09: NetGuardians pushes for Industry-wide standards
As the Log Management industry continues to evolve, it experiences inevitable growing pains. The NIST Publication 800-92: Guide to Computer Security Log Management describes "inconsistent log formats" as a major problem, noting that "there is no consensus in the security community as to the standard terms to be used to describe the composition of log entries and files." So while virtually every technology device generates log data files, this lack of consensus makes it unnecessarily difficult to collect, collate and analyze the results.

The ideal solution is for the industry to adopt a universal log-data language and format. Naturally, this can only be achieved through industry-wide consultation and cooperation. NetGuardians actively participates in dialogue that also includes representatives from Novell, IBM, Boeing, Microsoft, and Sun Microsystems.

There are a number of projects tackling different aspects of the standardization issue. Two prime examples are:

The Open Group: XDAS

XDAS is developed and promoted by The Open Group. As Java experts, NetGuardians leads the development of the Xdas4j library, which will enable existing Java software to generate XDAS-compliant audit trails. The project is currently at the prototype stage.

CEE

Common Event Expression (CEE™) aims to standardize the way computer events are described, logged, and exchanged by using a common language and syntax. Its holistic approach also aims to set guidelines not just for log formatting but for content as well. NetGuardians is an active participant within the CEE community, providing feedback and offering suggestions regarding suitable "Use Cases" that merit CEE support.
