CSA+ : how learn the log files

Practically everything I have read about this exam claims: you have to *really* know how to interoperate log files.

CSA+ book reviews, and course reviews, often say that the books/courses do not do enough to really teach you how to interoperate log files.

Maybe there are some web sources to learn all about the log files?

I found this, which looks fairly good:

Identifying Incidents Using Firewall and Cisco IOS Router Syslog Events
https://www.cisco.com/c/en/us/about/security-center/identify-incidents-via-syslog.html

Does anybody have recommendations for other such sources?

Find more posts tagged with

Comments

meni0n

I've been looking at some of these:

Overview of the Windows Firewall Security Log File in Windows XP

https://www.bro.org/sphinx/logs/index.html

https://httpd.apache.org/docs/2.4/logs.html

https://stackify.com/syslog-101/

Hope that helps.

Quick Links

All Categories
Recent Posts
Activity
Unanswered
Groups
Best Of