logging

April 29, 2020

DEVELOPER

Mid Season Check-in with NetDevOps Live!

We are halfway through Season 3 of NetDevOps Live! (okay, slightly over halfway through) and it’s been everything I had hoped it would be. We started off super strong with a network automation favorite in Ansible.  It was wonderful having a chance to speak with both Andrius and Sean about what’s happened recently with Ansible […]

March 20, 2020

DEVELOPER

Announcing NetDevOps Live! Season 3

Take a look at what we've got in store for Season 3 of NetDevOps Live! — powerful tooling available that every NetDevOps engineer can use in their tool chest: Batfish, Postman, HashiCorp, Ansible Network Automation, NetBox and more!

February 28, 2018

SECURITY

The Power of Logging in Incident Response

A deep dive into logging as an often-overlooked but powerful tool for incident detection and response “Lack of instrumentation or insufficient logging” is often a phrase used on incident response...

November 1, 2013

SECURITY

Using a “Playbook” Model to Organize Your Information Security Monitoring Strategy

CSIRT, I have a project for you. We have a big network and we’re definitely getting hacked constantly. Your group needs to develop and implement security monitoring to get our malware and hacking problem under control.   If you’ve been a security engineer for more than a few years, no doubt you’ve received a directive […]

October 24, 2013

SECURITY

To SIEM or Not to SIEM? Part II

The Great Correlate Debate SIEMs have been pitched in the past as "correlation engines" and their special algorithms can take in volumes of logs and filter everything down to just...

October 22, 2013

SECURITY

To SIEM or Not to SIEM? Part I

Security information and event management systems (SIEM, or sometimes SEIM) are intended to be the glue between an organization's various security tools. Security and other event log sources export their...

October 18, 2013

SECURITY

Getting a Handle on Your Data

When your incident response team gets access to a new log data source, chances are that the events may not only contain an entirely different type of data, but may also be formatted differently than any log data source you already have. Having a data collection and organization standard will ease management and analysis of […]

October 9, 2013

SECURITY

Making Boring Logs Interesting

This post centers around the practice of logging data - data from applications, devices, and networks - and how the components of data logging can help in the identification and remediation of network events.

October 3, 2013

SECURITY

Big Security—Mining Mountains of Log Data to Find Bad Stuff

Your network, servers, and a horde of laptops have been hacked. You might suspect it, or you might think it’s not possible, but it’s happened already. What’s your next move? The dilemma of the “next move” is that you can only discover an attack either as it’s happening, or after it’s already happened. In most […]