CSA+: how to learn the log files
walterbyrd
Member Posts: 40
in CySA+
Practically everything I have read about this exam claims: you have to *really* know how to interpret log files.
CSA+ book reviews, and course reviews, often say that the books/courses do not do enough to really teach you how to interpret log files.
Maybe there are some web sources to learn all about the log files?
I found this, which looks fairly good:
Identifying Incidents Using Firewall and Cisco IOS Router Syslog Events
https://www.cisco.com/c/en/us/about/security-center/identify-incidents-via-syslog.html
Does anybody have recommendations for other such sources?
Comments
meni0n
Member Posts: 68
I've been looking at some of these:
Overview of the Windows Firewall Security Log File in Windows XP
https://www.bro.org/sphinx/logs/index.html
https://httpd.apache.org/docs/2.4/logs.html
https://stackify.com/syslog-101/
Hope that helps.