CHAPTER 15

Log Management

In this chapter, you will learn:

•   About log types: syslog and Windows Event Viewer logs

•   About centralized logging servers

•   The role of security information and event management (SIEM)

•   The difference between operating system logs and application logs

If you have ever tried to find a reason why a system or an application wasn’t working correctly, you may appreciate the value of logs. Without some insight into what is happening internally with a system or application, you are working in the dark. You’re staggering around a very dark room, randomly feeling with your hands because your eyes can’t help you. Fortunately, logs provide visibility. When something bad is happening or, more importantly, has already ...

Get GSEC GIAC Security Essentials Certification All-in-One Exam Guide, Second Edition, 2nd Edition now with the O’Reilly learning platform.
