- Paperback: 460 pages
- Publisher: Syngress; 1 edition (December 13, 2012)
- Language: English
- ISBN-10: 1597496359
- ISBN-13: 978-1597496353
- Product Dimensions: 7.5 x 1 x 9.2 inches
- Shipping Weight: 1.9 pounds
- Average Customer Review: 3.5 out of 5 stars (14 customer reviews)
- Amazon Best Sellers Rank: #763,314 in Books
Logging and Log Management: The Authoritative Guide to Understanding the Concepts Surrounding Logging and Log Management 1st Edition
"The authors provide a way to simplify the complex process of analyzing large quantities of varied logs. The log management and log analysis approaches they recommend are addressed in detail."--Reference and Research Book News, August 2013
"…Anton Chuvakin and his co-authors Kevin Schmidt and Christopher Phillips bring significant real-world experience to the reader and an important book on the topic.... For those that want to find the gold in their logs…[it] is a great resource that shows how to maximize the gold that often lays hidden in your large stores of log data."--RSA Conference, December 2012
From the Back Cover
Effectively analyzing large volumes of diverse logs can pose many challenges. Logging and Log Management helps to simplify this complex process using practical guidance and real-world examples. Packed with information you need to know for system, network and security logging. Log management and log analysis methods are covered in detail, including approaches to creating useful logs on systems and applications, log searching and log review.
Top Customer Reviews
The parts emphasizing the need for daily audit log review were right on the mark. There is definitely gold to be mined from logs. 90% of all intrusions leave signs of the malicious activity in the logs. Yet intruders stay in networks for months before they are caught giving them plenty of time to do damage. Log management and review is a heretofore underserved topic.
What really shocked me about this book was the hideous, practically non-existent editing. On average, every page contains at least one error. I have identified over 100 errors (I haven't yet bothered to get a count). I have marked up my copy and contacted the author and offered to send it back to him so he can correct it in the next edition, should there ever be one.
Overall I can recommend this book for its technical details, just don't be put off by incomplete or nonsensical sentences, repeated words, obviously inappropriate spell-checker auto-corrections, and even some technical errors (at one point three log lines are presented claiming to show normal activity, attempted but failed attack, and successful attack: the three log lines are identical).
The authors are normally quite good at what they do; I don't know how they or Syngress let this book go to print like this. It is obvious that nobody actually read it through before printing.
Unless you have an immediate need, as I did, I strongly recommend waiting for the next edition. The editing of this text is simply awful.
* Sentences just stop
* Grammar is so poor that paragraphs lose their meaning
* On the Kindle, some text is so small it cannot be read and it does not resize (at this point in the Kindle evolution I expect better, esp. from a $30+ book)
I have lost at least an hour total (of the roughly 6 I have spent so far) rereading and attempting to decode the meaning of these flawed passages when I thought they were important.
It is my sincere hope that a second edition will be provided to us for free in light of the cost. Only then will I change my rating because only then will I have a complete understanding of what I have read. I plan to hold any other Syngress publication in suspicion if reviews contain any mention of poor editing. I can overlook a few issues from foreign authors that slip by editors. It is the content that matters. Logging and Log Management does _not_ suffer that minor problem. It is a truly broken text.
In Logging and Log Management: The Authoritative Guide to Understanding the Concepts Surrounding Logging and Log Management, author and future log management hall of fame inductee Anton Chuvakin and his co-authors Kevin Schmidt and Christopher Phillips bring significant real-world experience to the reader and an important book on the topic.
Many organizations suffer the same fate as the NSA with the difficulty in effectively analyzing huge amounts of log data from disparate sources. Years ago SIM tools were supposed to easily solve that problem with log normalization and aggregation. For many firms, they are still waiting.
In 22 chapters and 400 densely packed pages, the book provides the reader with everything they need to know about log management.
The book starts with a big picture look of log data basics and how to see the forest from the tree in the timberland of log management.
Chapter 2 gets a bit philosophical and analyzes just what is a log? The chapters then progress into more advanced and deeper technical details.
Chapter 6 on Covert Logging is interesting in that it details a topic not often documented, namely how to create a completely stealthy log setup.
The book also includes many case studies on logging, syslog and numerous real-world scenarios where logs were used to handle an information security incident.
Other topics include log analysis system selection, planning a log analysis system and log data normalization and correlation, log data mining, statistical analysis and much more.
Cliff Stoll ultimately found that there was gold in his log data. For those that want to find the gold in their logs, Logging and Log Management: The Authoritative Guide to Understanding the Concepts Surrounding Logging and Log Management is a great resource that shows how to maximize the gold that often lays hidden in your large stores of log data.
It's a good read-through and can provide some reference material.
NOTE: this book is horribly edited and littered with typos and sentences that don't make sense.
as this book will explain, there isn't any magic solution. Prepare for mind numbing drudgery. However, you will gain at least some understanding of log files.