Chapter 8. Event Log Aggregation, Correlation, and Analysis

“They seem to have a fundamental misunderstanding of the Internet: nothing is too trivial.”

—Philip Lisiecki, MIT¹

Application servers, routers, firewalls, network devices, cameras, HVAC systems, and all kinds of other devices generate event logs. Event logs are simply selected records that provide information about the state of the system and/or environment at a given time. Different types of devices generate different types of event logs. Event logs may include information about system access (such as server logins and logouts), startup and shutdown times, errors and problems, or just routine data such as the data-center temperature.

Event logs may be sent from individual devices to ...