Security Log Management: Identifying Patterns in the Chaos

Jacob Babbin, Dave Kleiman, Everett F. Carter Jr., Jeremy Faircloth, Mark Burnett, Esteban Gutierrez

  • Publisher: Syngress Media
  • Publication date: 2006-01-01
  • List price: $1,550
  • Sale price: 5.0$775
  • Language: English
  • Pages: 350
  • Binding: Paperback
  • ISBN: 1597490423
  • ISBN-13: 9781597490429
  • Related category: Information Security




In these times of cheap storage and increased processing power and network traffic, asking a question to “the log” becomes more and more similar to executing a data-mining query. Most of the time “the log” does contain the answers you are looking for, but they’re buried under countless useless entries, and scattered across countless, heterogeneous log files; as Jake Babbin, the lead author of this book, elegantly puts it, the answers you are looking for are patterns in chaos. And the news is that someone has to find those patterns. And it might be you. The purpose of this book is to show you exactly how to do that, tackling at the same time all the various problems pertinent to log generation, storage, processing, and reporting.


Whether or not you are the one charged with asking questions to “the log,” after reading this book, you will agree that finding the patterns in chaos is actually not as daunting as you would have believed, and that creative solutions like the ones adopted by Jake will go a long way in making your job—and your quest—easier.

–Gabriele Giuseppini

Developer of Microsoft Log Parser


