Chapter 1.1

Tier 1—Log Reviewer

Abstract

Log reviewers periodically review files that store critical log data within your environment. In many organizations, this role is entry-level. At a technical level, most people never interact with logs or even know they exist. Logs are often dull, but they can hide gems deep within. It can be interesting to track down a 20-year-old bug as you trace network traffic from one system to another to identify why a particular log entry keeps recurring. By comparing log activity with known events, and by comparing the logs of different systems, the log reviewer can start to build the skill of understanding the environment. A seasoned log reviewer will understand what a particular log entry really means, and if it’s normal ...
