Solved

Kerberos logs analysing and monitoring

Posted on 2010-09-03
2
773 Views
Last Modified: 2013-12-07
Hello,

do you know any free OSS software for analysing the MIT Kerberos logs, mainly authentication - who has logged in and when, who has logged out and when. It would be good to have some statistical data about logins (average number of logins per day and similar).
0
Comment
Question by:pawwa
2 Comments
 
LVL 3

Accepted Solution

by:
acmeoil earned 500 total points
ID: 33635938
Hello,
 Natively Linux has log files for the Kerberos, you could probably write a script to search the log files for a given text string (logons and such) and via a cron job use sendmail to email the results to you.

 Another alternative if you only wanted to do statistical analysis is to use something like Wireshark then perform a search on the output of that data. You also could integrate the MIT Kerberos with Active Directory then log it through Windows (I know who wants to do that!!! But it is an option)

 Last here are some sites that may be of assistance in general to you.

http://www.linux.com/learn/docs/ldp/574-Kerberos-Infrastructure-HOWTO

Or you could try Kerberos monitor from SolarWinds (Not cheap though)
https://support.ipmonitor.com/helps/54a6d1298c944b8a93731e76acbfb1df.aspx

0
 
LVL 4

Author Closing Comment

by:pawwa
ID: 34162391
^ Not exactly a complete and accurate answer that I was looking for, but anyway thank you. B.

I have found some nice tools for log analysis such as Splunk, but I will write my own solution at the end.
0

Featured Post

Do You Know the 4 Main Threat Actor Types?

Do you know the main threat actor types? Most attackers fall into one of four categories, each with their own favored tactics, techniques, and procedures.

Join & Write a Comment

If you're not part of the solution, you're part of the problem.   Tips on how to secure IoT devices, even the dumbest ones, so they can't be used as part of a DDoS botnet.  Use PRTG Network Monitor as one of the building blocks, to detect unusual…
This paper addresses the security of Sennheiser DECT Contact Center and Office (CC&O) headsets. It describes the DECT security chain comprised of “Pairing”, “Per Call Authentication” and “Encryption”, which are all part of the standard DECT protocol.
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…

705 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

20 Experts available now in Live!

Get 1:1 Help Now