In this chapter, you will learn:
• About log types: syslog and Windows Event Viewer logs
• About centralized logging servers
• The role of security information and event management (SIEM)
• The difference between operating system logs and application logs
If you have ever tried to find a reason why a system or an application wasn’t working correctly, you may appreciate the value of logs. Without some insight into what is happening internally with a system or application, you are working in the dark. You’re staggering around a very dark room, randomly feeling with your hands because your eyes can’t help you. Fortunately, logs provide visibility. When something bad is happening or, more importantly, has already ...