Blogger: Dan Blum
This Tuesday at the Burton Group Catalyst conference we held a Common Event Standards Special Interest Group (SIG). For a dry technical topic like event representation and log management, it was impressive that this SIG drew about 35 people on a sunny afternoon in San Diego.
But what was even more impressive was the thought and convergence of ideas between three standards bodies leading up to the SIG. These standards bodies were:
- Common Event Expression (CEE) language, by Mitre
- X/Open Distributed Audit Standard (XDAS), by Open Group
- Trusted Network Connect (TNC)
Although the problem of creating standards in the event and log space is challenging, attendees agreed there are a number of simple things that can be done that will benefit information technology (IT) groups. Also, there is considerable enthusiasm about carrying this convergence effort forward. This interest has expanded beyond the core group of people that have been working with me (including Anton Chuvakin, David Corlette, Ian Dobson, Bob Blakley, and Bill Heinbockel) to representatives of other security vendors and end user enterprises that also attended the event.
In the next week or two, I’ll have time to pull together more information from the SIG and create a more detailed blog entry. In the meantime, watch this space, and stay tuned for more coverage of this topic!