Log management experts from
have co-written, with another security expert, a basic, fundamental book on computer network logs for IT administrators.
Logging and Log Management: The Authoritative Guide to Understanding the Concepts Surrounding Logging and Log Management
” is written in simple terms for new system administrators, application developers, IT managers, and anyone else who may be interested in keeping track of and understanding logs that are constantly created on company computer networks.
“My co-writers and I find that so many people we meet collect logs but don’t know how to use them as wisely as they could,” said Kevin Schmidt, a senior manager of engineering at Dell SecureWorks, who co-wrote the book with SecureWorks colleague Christopher Phillips and Anton A. Chuvakin, Ph.D., a former independent security consultant and now a
research director at Gartner. “We wrote this book so it would be easy for most anyone with a technical background to understand how to reap the full benefits of logs to help protect their networks.”
The guide explains how to plan, build and use a log collection and management system, and describes how to collect, analyze and store log data. Readers will also learn how to develop a tailor-made incident response plan based around log data. Other topics include authentication and authorization reports, cloud logging, manual log analysis, and automated analysis.
Ben Rothke, an information security manager who also reviews books on digital security for
Security Management magazine
, said the authors “bring significant real-world experience to the reader” and show “how to maximize the gold that often lays hidden in your large stores of log data.”
Logs are digital fingerprints of everything that happens within a company’s network and its systems, and create a trail of all users and resource activities. In addition to alerting IT administrators to suspicious activity within their organization’s network,
Log data and monitoring
can be used to attain and maintain compliance regulations for different industries.
Co-writer Phillips is a manager and senior software developer at Dell SecureWorks. Chuvakin is a recognized security expert in the field of log management, SIEM, and PCI DSS compliance.