Logging and Log Management: The Authoritative Guide to Understanding the Concepts Surrounding Logging and Log Management

  • 7h 43m
  • Anton A. Chuvakin, Christopher Phillips, Kevin J. Schmidt
  • Elsevier Science and Technology Books, Inc.
  • 2013

Effectively analyzing large volumes of diverse logs can pose many challenges. Logging and Log Management helps to simplify this complex process using practical guidance and real-world examples. Packed with information you need to know for system, network and security logging. Log management and log analysis methods are covered in detail, including approaches to creating useful logs on systems and applications, log searching and log review.

  • Comprehensive coverage of log management including analysis, visualization, reporting and more
  • Includes information on different uses for logs -- from system operations to regulatory compliance
  • Features case Studies on syslog-ng and actual real-world situations where logs came in handy in incident response
  • Provides practical guidance in the areas of report, log analysis system selection, planning a log analysis system and log data normalization and correlation

About the Authors

Dr. Anton A. Chuvakin is a recognized security expert in the field of log management, SIEM and PCI DSS compliance. Anton is the co-author of Security Warrior (ISBN: 978-0-596-00545-0) and a contributing author to Know Your Enemy: Learning About Security Threats, Second Edition (ISBN: 978-0-321-16646-3); Information Security Management Handbook, Sixth Edition (ISBN: 978-0-8493-7495-1); Hacker's Challenge 3: 20 Brand-New Forensic Scenarios & Solutions (ISBN: 978-0-072-26304-6); OSSEC Host-Based Intrusion Detection Guide (Syngress, ISBN: 978-1-59749-240-9); and others.

He has published dozens of papers on log management, correlation, data analysis, PCI DSS, security management, and other security subjects. His blog is one of the most popular in the industry. In addition, Anton has taught classes and presented at many security conferences around the world; he recently addressed audiences in the United States, United Kingdom, Singapore, Spain, Russia, and other countries. He has worked on emerging security standards and served on the advisory boards of several security start-ups.

Until recently, Anton ran his own consulting firm, Security Warrior. Prior to that, he was formerly a Director of PCI Compliance Solutions at Qualys and as Chief Logging Evangelist at LogLogic, tasked with educating the world about the importance of logging for security, compliance, and operations. Before LogLogic, Anton was employed by a security vendor in a strategic product management role. Anton earned his Ph.D. degree from Stony Brook University.

Kevin J. Schmidt is a senior manager at Dell SecureWorks, Inc., an industry leading MSSP, which is part of Dell. He is responsible for the design and development of a major part of the company's SIEM platform. This includes data acquisition, correlation and analysis of log data. Prior to SecureWorks, Kevin worked for Reflex Security where he worked on an IPS engine and anti-virus software. And prior to this he was a lead developer and architect at GuardedNet, Inc., which built one of the industry's first SIEM platforms. He is also a commissioned officer in the United States Navy Reserve (USNR). He has over 19 years of experience in software development and design, 11 of which have been in the network security space. He holds a B.Sc. in computer science.

Christopher Phillips is a manager and senior software developer at Dell SecureWorks, Inc. He is responsible for the design and development of the company's Threat Intelligence service platform. He also has responsibility for a team involved in integrating log and event information from many third party providers for customers to have their information analyzed by the Dell SecureWorks systems and security professionals. Prior to Dell SecureWorks, Christopher has worked for McKesson and Allscripts where he worked with clients on HIPAA compliance and security and integrating healthcare systems. Christopher has over 18 years of experience in software development and design. He holds a Bachelors of Science in Computer Science and an MBA.

In this Book

  • Foreword
  • Logs, Trees, Forest—The Big Picture
  • What is a Log?
  • Log Data Sources
  • Log Storage Technologies
  • syslog-ng Case Study
  • Covert Logging
  • Analysis Goals, Planning, and Preparation—What are We Looking for?
  • Simple Analysis Techniques
  • Filtering, Normalization, and Correlation
  • Statistical Analysis
  • Log Data Mining
  • Reporting and Summarization
  • Visualizing Log Data
  • Logging Laws and Logging Mistakes
  • Tools for Log Analysis and Collection
  • Log Management Procedures—Log Review, Response, and Escalation
  • Attacks against Logging Systems
  • Logging for Programmers
  • Logs and Compliance
  • Planning Your Own Log Analysis System
  • Cloud Logging
  • Log Standards and Future Trends
SHOW MORE
FREE ACCESS

YOU MIGHT ALSO LIKE

Course CompTIA Data+: Data Governance
Rating 4.9 of 10 users Rating 4.9 of 10 users (10)
Course CompTIA Data+: Database Concepts
Rating 4.6 of 23 users Rating 4.6 of 23 users (23)
Course CompTIA Cybersecurity Analyst+: Security & Network Monitoring
Rating 5.0 of 3 users Rating 5.0 of 3 users (3)