Log Analysis is one of the great overlooked aspects of operational computer security. Many organizations spend hundreds of thousands of dollars on intrusion detection system (IDS) deployments – but still ignore their firewall logs. Why? Because the tools and knowledge to make use of that data are often not there, or the tools that exist are too inconvenient. You should expect that to change. Right now, IDS vendors are up against the wall with the volumes of data they produce; the next wave in security is to try to usefully correlate and process the contents of multiple logs.
We’re dedicated to pulling together a repository of useful information on log analysis for computer security. We hope you find this site to be useful and informative. Please don’t hesitate to contact us if you’ve got suggestions for how we can make it better!
Log Analysis and Intrusion Detection