O'Reilly logo

Big Data Forensics – Learning Hadoop Investigations by Joe Sremack

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Chapter 5. Collecting Hadoop Application Data

Hadoop evidence can be forensically collected from more than just the filesystem. Evidence can also be collected from Hadoop applications. Hadoop data is formatted for use by its applications, and these applications provide means for more easily extracting relevant data. The process of collecting evidence from Hadoop applications instead of from HDFS offers many advantages, but the approach is very different. Some forensic artifacts, such as metadata, cannot be captured from a Hadoop application collection. However, collecting data from an application avoids some of the time-consuming and challenging tasks involved in forensically imaging HDFS or collecting data from each node individually.

Any Hadoop ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required