Week 9
Forum Based Learning: Event log correlation and analysis
Log correlation is the practice by which a forensic investigator or monitoring team collects logs from all sources in the network and correlates them to support incident response, anomaly detection and investigations. Even though each source has different fields and log formats, log correlation tools such as Graylog, Splunk and others make this correlation and analysis possible.
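To make the idea concrete, here is an added example (not part of the original post) that normalizes two differently formatted sources into one schema and correlates them by source IP. The sample log lines, the JSON field names, the year and the 5-minute window are all constructed assumptions.

```python
import json
import re
from collections import defaultdict
from datetime import datetime, timedelta

YEAR = 2024  # assumption: syslog timestamps omit the year
WINDOW = timedelta(minutes=5)  # assumption: correlation window

# Constructed sample data: two sources, two formats (both assumed UTC).
SSHD_LOG = """\
Mar 10 14:02:11 host1 sshd[812]: Failed password for root from 203.0.113.7 port 4242 ssh2
Mar 10 14:02:15 host1 sshd[812]: Failed password for admin from 203.0.113.7 port 4243 ssh2
Mar 10 15:40:00 host1 sshd[901]: Failed password for bob from 198.51.100.9 port 5000 ssh2
"""
FIREWALL_LOG = """\
{"ts": "2024-03-10T14:04:30Z", "src": "203.0.113.7", "action": "deny", "dst_port": 3389}
{"ts": "2024-03-10T09:00:00Z", "src": "198.51.100.9", "action": "deny", "dst_port": 445}
"""

SSHD_RE = re.compile(r"^(?P<ts>\w{3}\s+\d+ [\d:]{8}) \S+ sshd\[\d+\]: "
                     r"Failed password for (?:invalid user )?\S+ from (?P<ip>\S+)")

def parse_sshd(text):
    """Normalize sshd syslog lines to (time, source, src_ip, event)."""
    for line in text.splitlines():
        m = SSHD_RE.match(line)
        if m:
            ts = datetime.strptime(f"{YEAR} {m['ts']}", "%Y %b %d %H:%M:%S")
            yield (ts, "sshd", m["ip"], "auth_failure")

def parse_firewall(text):
    """Normalize JSON firewall records to the same tuple shape."""
    for line in text.splitlines():
        rec = json.loads(line)
        ts = datetime.strptime(rec["ts"], "%Y-%m-%dT%H:%M:%SZ")
        yield (ts, "firewall", rec["src"], f"{rec['action']}:{rec['dst_port']}")

def correlate(events, window=WINDOW):
    """Return {ip: events} for IPs seen in two or more sources within `window`."""
    by_ip = defaultdict(list)
    for ev in sorted(events):
        by_ip[ev[2]].append(ev)
    def near(e, evs):  # another source logged the same IP close in time
        return any(o[1] != e[1] and abs(o[0] - e[0]) <= window for o in evs)
    hits = {ip: [e for e in evs if near(e, evs)] for ip, evs in by_ip.items()}
    return {ip: evs for ip, evs in hits.items() if evs}

if __name__ == "__main__":
    print(correlate([*parse_sshd(SSHD_LOG), *parse_firewall(FIREWALL_LOG)]))
```

The second IP appears in both sources but hours apart, so it is not reported; only events from different sources inside the window count as correlated.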