8 Analyzing logs for fraud and attacks

This chapter covers

  • Examining the components of a logging pipeline’s analysis layer
  • Detecting fraud and attacks using string signatures, statistics, and historical data
  • Managing techniques for alerting users without overwhelming them

In chapter 7, you learned how to build a logging pipeline to collect, stream, analyze, store, and access logs across the infrastructure. A multilayered pipeline creates a flexible infrastructure where logs from different origins are used to monitor the activity of the organization’s services. Chapter 7 gave an overview of the functionalities provided by each layer of the pipeline. In this chapter, we’ll focus on the third layer, the analysis layer, and dive into techniques ...
