8.4 Conclusion

Event logs are some of the most valuable sources of evidence for forensic investigators, particularly when they are stored on a secure central server and can be correlated with multiple log sources. Application servers, firewalls, access control systems, network devices, and many other types of equipment generate event logs and are often capable of exporting them to a remote log server for aggregation.

It is important for the forensic investigator to be aware of common pitfalls associated with event log analysis, including incorrect or incomplete timestamps, questions of reliability and integrity, and confidentiality. With these in mind, event logs are an important source of evidence, and can be analyzed with a variety of command-line or visual tools.
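As an added illustration of the two points above (logs aggregated from several sources, and the timestamp pitfalls that complicate correlating them), the following Python script is not from the book; it parses constructed sample records from a firewall, a web server and a central log server, normalizes each timestamp to UTC, records any assumption the parser had to make, and then groups records by source IP into short bursts. Every log line, host name, IP address and the firewall's assumed year and UTC offset are constructed for the example.

```python
"""Normalize timestamps from heterogeneous log sources to UTC and correlate
them by source IP. Added illustration, not code from the book; every log
line below is a constructed sample."""
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone
import re


@dataclass(order=True)
class Event:
    ts_utc: datetime   # normalized, timezone-aware UTC timestamp
    source: str        # which device/host wrote the record
    src_ip: str        # actor IP used as the correlation key
    message: str
    caveat: str = ""   # any assumption made while parsing this record


# Constructed samples. fw1 writes BSD syslog (no year, no zone); web1 writes
# Apache combined format (explicit offset); the central log server exports
# ISO 8601 in UTC. Same actor, three clocks, three formats.
FIREWALL_LINES = [
    "Mar 14 09:02:11 fw1 kernel: DROP IN=eth0 SRC=198.51.100.23 DST=10.0.0.5 DPT=22",
    "Mar 14 09:02:13 fw1 kernel: ACCEPT IN=eth0 SRC=198.51.100.23 DST=10.0.0.8 DPT=80",
]
WEB_LINES = [
    '198.51.100.23 - - [14/Mar/2023:09:02:14 -0500] "GET /admin HTTP/1.1" 404 512',
    '203.0.113.7 - - [14/Mar/2023:09:30:00 -0500] "GET /index.html HTTP/1.1" 200 2048',
]
LOGSERVER_LINES = [
    "2023-03-14T14:02:15Z host=app1 src=198.51.100.23 msg=login_failed user=root",
]

# BSD syslog carries neither year nor zone; both are assumptions the analyst
# must document (here: the capture year and the firewall's configured offset).
FIREWALL_YEAR = 2023
FIREWALL_TZ = timezone(timedelta(hours=-5))

SYSLOG_RE = re.compile(r"^(\w{3}\s+\d{1,2} \d\d:\d\d:\d\d) \S+ kernel: (.*?SRC=(\S+).*)$")
APACHE_RE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "([^"]*)"')
ISO_RE = re.compile(r"^(\S+) host=(\S+) src=(\S+) (.*)$")


def parse_firewall(line):
    m = SYSLOG_RE.match(line)
    if not m:
        return None
    naive = datetime.strptime(f"{FIREWALL_YEAR} {m.group(1)}", "%Y %b %d %H:%M:%S")
    ts = naive.replace(tzinfo=FIREWALL_TZ).astimezone(timezone.utc)
    return Event(ts, "fw1", m.group(3), m.group(2),
                 caveat="year and timezone assumed; syslog line carries neither")


def parse_web(line):
    m = APACHE_RE.match(line)
    if not m:
        return None
    ts = datetime.strptime(m.group(2), "%d/%b/%Y:%H:%M:%S %z").astimezone(timezone.utc)
    return Event(ts, "web1", m.group(1), m.group(3))


def parse_logserver(line):
    m = ISO_RE.match(line)
    if not m:
        return None
    ts = datetime.fromisoformat(m.group(1).replace("Z", "+00:00")).astimezone(timezone.utc)
    return Event(ts, m.group(2), m.group(3), m.group(4))


def load_all():
    """Parse every sample line and return the events with UTC timestamps."""
    events = [parse_firewall(l) for l in FIREWALL_LINES]
    events += [parse_web(l) for l in WEB_LINES]
    events += [parse_logserver(l) for l in LOGSERVER_LINES]
    return [e for e in events if e is not None]


def correlate(events, window=timedelta(seconds=10)):
    """Group events by source IP into bursts whose consecutive records are no
    more than `window` apart. Only meaningful once every timestamp is in UTC."""
    open_bursts, clusters = {}, []
    for ev in sorted(events):
        burst = open_bursts.get(ev.src_ip)
        if burst and ev.ts_utc - burst[-1].ts_utc > window:
            clusters.append(burst)   # gap too large: close this burst
            burst = None
        if burst is None:
            burst = open_bursts[ev.src_ip] = []
        burst.append(ev)
    clusters.extend(open_bursts.values())
    return sorted(clusters, key=lambda c: c[0].ts_utc)


def multi_source(clusters):
    """Bursts seen by two or more independent log sources are the ones worth a
    closer look: they survive the loss or tampering of any single log."""
    return [c for c in clusters if len({e.source for e in c}) >= 2]


if __name__ == "__main__":
    for burst in multi_source(correlate(load_all())):
        print(f"{burst[0].src_ip}: {len(burst)} events from {sorted({e.source for e in burst})}")
        for e in burst:
            flag = f"  [{e.caveat}]" if e.caveat else ""
            print(f"  {e.ts_utc.isoformat()} {e.source:<5} {e.message}{flag}")
```

Run as a script, the output shows the four records for 198.51.100.23 lined up four seconds apart in UTC, even though the raw lines read 09:02 on two devices and 14:02 on the third; the firewall records carry a caveat because their year and zone had to be supplied by the analyst rather than read from the log. Without the normalization step the same records would appear five hours apart and the correlation would silently fail.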
