The Open Event Log (OEL) Project was conceived by Andrew Hay in May 2006 as a repository for system/server/application event logs to aide in incident response and forensic analysis. Many tools are now available to assist the analyst in interpreting event logs but a better understanding of the logs, as well as samples, were lacking. Most vendors post their event log specifications but it helps to have a central location that displays samples of these logs.

The ultimate goal of this site is to educate users on proper event log collection and analysis techniques which goes hand in hand with our motto: “No log left behind!”

Please note that there is no corporate backing of this site in order to remain as independent as possible.

Each device/application will display the following information to help the community:

• Log Sample
• Log Description
• How To Enable Logging
• Regular Expression Matching

An example of this format can be seen with the Juniper NetScreen entry here: http://www.openeventlog.com/index.php/Juniper_NetScreen

I’d appreciate any feedback you might have and invite you to contribute as much as possible.