CEE Announce - February 29, 2012 (opt-in newsletter from the CEE Web site)

classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view

CEE Announce - February 29, 2012 (opt-in newsletter from the CEE Web site)

Welcome to the latest issue of the CEE-Announce e-newsletter. This email newsletter is designed to bring recent news about CEE, such as new versions of the language specifications, upcoming conferences, new Web site features, etc. right to your email box. Common Event Expression (CEE) standardizes the way computer events are described, logged, and exchanged. By using CEE’s common language and syntax, enterprise-wide log management, correlation, aggregation, auditing, and incident handling can be performed more efficiently and produce better results than was possible prior to CEE. Details on subscribing (and unsubscribing) to the email newsletter are at the end.

Please feel free to pass this newsletter on to interested colleagues.

Comments: [hidden email]

CEE-Announce e-newsletter/February 29, 2012

1. Feature Story
2. Hot Topic
3. Also in this Issue
4. Details/Credits + Subscribing and Unsubscribing


New Open-Source "LumberJack" Project to Improve Creation and Standardize Content of Event Logs by Implementing CEE

Led by Red Hat, Inc. and hosted by Red Hat's Fedora, "LumberJack" is a new project to create an open-source implementation based upon the concepts and specifications proposed by Common Event Expression (CEE). By implementing CEE, LumberJack aims to improve the creation and standardize the content of event logs for developers and users, while also providing a foundation to help build better utilities.

Visit the LumberJack wiki at https://fedorahosted.org/lumberjack/.

For those interested in actively participating in this community effort, please sign-up for the email discussion list at https://fedorahosted.org/mailman/admin/lumberjack-developers.

LumberJack is currently supported by: Red Hat, Inc.; Adiscon GmbH, maintainers of rsyslog; and BalaBit IT Security, maintainers of Syslog-NG.


LumberJack wiki - https://fedorahosted.org/lumberjack/

Participate - https://fedorahosted.org/mailman/admin/lumberjack-developers

Red Hat - http://www.redhat.com/

Adiscon - http://www.adiscon.com/

BalaBit - http://www.balabit.com/

CEE - http://cee.mitre.org/ceelanguage/


Four CEE Language Specifications Updated to Version 1.0-alpha

Version 1.0-alpha of the CEE Language specification documents are now available on the CEE Web site. The following four community-developed specifications have been updated to Version 1.0-alpha:

* CEE Architecture Overview Specification, Version 1.0-alpha — provides a high-level overview of CEE along with details on the overall architecture and introduces each of the CEE components including the CEE Profile, CEE Log Syntax, and the CEE Log Transport. The CEE Overview is the first in a collection of documents and specifications, whose combination provides the necessary pieces to create the complete CEE event log standard.

* CEE Profile Specification, Version 1.0-alpha — allows for the improved interpretation and analysis of event data by allowing users to define how events are structured and what data they provide. The Profile consists of three components that provide a standardize field dictionary, event taxonomy, and base requirements for CEE-compatible events.

Once available, community-developed CEE Profiles will be free to download and use from the CEE Web site.

* CEE Log Syntax (CLS) Specification, Version 1.0-alpha — describes the requirements for encoding and decoding for a Common Event Expression (CEE) Event, and provides encoding declarations for XML and JSON event records.

* CEE Log Transport (CLT) Specification, Version 1.0-alpha — provides the technical support necessary for a secure and reliable log infrastructure. The CLT Specification defines a listing of requirements conformant log transports must meet. In addition, the CLT defines transport mappings, which define a standard methodology for transmitting encoded CEE Event Records over certain protocols.

We encourage community members to offer feedback on these documents on the CEE Email Discussion list. You may also contact us directly at [hidden email].


CEE Architecture Overview Specification, Version 1.0-alpha - http://cee.mitre.org/docs/overview.html

CEE Profile Specification, Version 1.0-alpha — http://cee.mitre.org/docs/profiles.html

CEE Log Syntax (CLS) Specification, Version 1.0-alpha — http://cee.mitre.org/docs/cls.html

CEE Log Transport (CLT) Specification, Version 1.0-alpha — http://cee.mitre.org/docs/clt.html

Participate - http://cee.mitre.org/community/discussiongroup.html


* CEE/Making Security Measurable booth this week at "RSA 2012," February 27 - March 2

Read these stories and more news at http://cee.mitre.org/news

Details/Credits + Subscribing and Unsubscribing

Managing Editor: William J. Heinbockel. Writer: Bob Roberge. The MITRE Corporation (www.mitre.org) maintains CEE and provides impartial technical guidance to the CEE Board and Working Group on all matters related to ongoing development of CEE.

To unsubscribe from the CEE-Announce e-newsletter, open a new email message and copy the following text to the BODY of the message "SIGNOFF CEE-Announce-list", then send the message to: [hidden email]. To subscribe, send an email message to [hidden email] with the following text in the BODY of the message: "SUBSCRIBE CEE-Announce-List".

Copyright 2012, The MITRE Corporation. CEE and the CEE logo are trademarks of The MITRE Corporation.

For more information about CEE, visit the CEE Web site at http://cee.mitre.org or send an email to [hidden email]. Learn more about Making Security Measurable at http://measurablesecurity.mitre.org.