Better Management and Monitoring of Device Logs

Date and Time

Thursday, November 12, 2020, 6:00 PM until 8:00 PM

Location

Join Zoom Meeting
https://nationalgeneral.zoom.us/j/9982669720

Meeting ID: 998 266 9
TN  
USA

Category

Monthly Meeting

Registration Info

Registration has closed - Event is past

About this event

Have you ever looked at the raw log files from Windows, Linux, IBM i, Cisco, and other devices and thought, ‘Why can’t these log files make sense and speak the same language?’ During this session, Brad Mathis, a self-professed IBM i dummy, will review how a SIEM (Security Information and Event Management) system makes this a reality. You can even leverage it for your custom application logging.

While all log data is unique in its own way and may make perfect sense to an expert in that specific discipline, it needs to make sense to everyone tasked with reviewing it. On that note, even if you are an expert in a specific field, wouldn’t it be nice if the gibberish found in raw log files could be translated into common metadata fields for easier interpretation?

In this session, we will informally discuss this topic, keep the slideware to a minimum, and dive into a sandbox of the LogRhythm SIEM platform to see how easy it is to normalize and correlate log data in a common format.