Tier 1—Log Reviewer
Abstract
Log reviewers periodically review files that store critical log data within your environment. In many organizations, this role is entry-level. At a technical level, most people never interact with logs or even know they exist. Logs are often dull, but they can hide gems deep within. It can be interesting to trace a 20-year-old bug as you trace network traffic from one system to another to identify why a particular log entry keeps recurring. By comparing log activity with known events, and by comparing logs of different systems, the log reviewer can start to build the skill of understanding the environment. A seasoned log reviewer will understand what a particular log entry really means, and if it’s normal ...
Get Breaking into Information Security now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.