Logging and Log Management

1st Edition

The Authoritative Guide to Understanding the Concepts Surrounding Logging and Log Management

Print ISBN: 9781597496353
eBook ISBN: 9781597496360
Imprint: Syngress
Published Date: 29th November 2012
Page Count: 460
38.95 + applicable tax
30.99 + applicable tax
49.95 + applicable tax
Compatible Not compatible
VitalSource PC, Mac, iPhone & iPad Amazon Kindle eReader
ePub & PDF Apple & PC desktop. Mobile devices (Apple & Android) Amazon Kindle eReader
Mobi Amazon Kindle eReader Anything else

Institutional Access


Logging and Log Management: The Authoritative Guide to Understanding the Concepts Surrounding Logging and Log Management introduces information technology professionals to the basic concepts of logging and log management. It provides tools and techniques to analyze log data and detect malicious activity. The book consists of 22 chapters that cover the basics of log data; log data sources; log storage technologies; a case study on how syslog-ng is deployed in a real environment for log collection; covert logging; planning and preparing for the analysis log data; simple analysis techniques; and tools and techniques for reviewing logs for potential problems. The book also discusses statistical analysis; log data mining; visualizing log data; logging laws and logging mistakes; open source and commercial toolsets for log data collection and analysis; log management procedures; and attacks against logging systems. In addition, the book addresses logging for programmers; logging and compliance with regulations and policies; planning for log analysis system deployment; cloud logging; and the future of log standards, logging, and log analysis. This book was written for anyone interested in learning more about logging and log management. These include systems administrators, junior security engineers, application developers, and managers.

Key Features

  • Comprehensive coverage of log management including analysis, visualization, reporting and more
  • Includes information on different uses for logs -- from system operations to regulatory compliance
  • Features case Studies on syslog-ng and actual real-world situations where logs came in handy in incident response
  • Provides practical guidance in the areas of report, log analysis system selection, planning a log analysis system and log data normalization and correlation


Computer Security staff and program managers; system, network, and application administrators; computer security incident response teams; and others who are responsible for performing duties related to computer security log management.

Table of Contents


Dr. Anton A. Chuvakin

Kevin J. Schmidt

Christopher Phillips

About the Authors

About the Technical Editor



Intended Audience


Organization of the Book

Chapter 5: Case Study: syslog-ng

Chapter 6: Covert logging

Chapter 7: Analysis Goals, Planning and Preparation: What Are We Looking for?

Chapter 8: Simple Analysis Techniques

Chapter 9: Filtering, Matching and Correlation

Chapter 10: Statistical Analysis

Chapter 11: Log Data Mining

Chapter 12: Reporting and Summarization

Chapter 13: Visualizing Log Data

Chapter 14: Logging Laws and Logging Mistakes

Chapter 15: Tools for Log Analysis and Collection

Chapter 16: Log Management Procedures: Escalation, Response

Chapter 17: Attacks Against Logging Systems

Chapter 18: Logging for Programmers

Chapter 19: Logs and Compliance

Chapter 20: Planning Your Own Log Analysis System

Chapter 21: Cloud Logging

Chapter 22: Log Standard and Future Trends

Chapter 1. Logs, Trees, Forest: The Big Picture


Log Data Basics

A Look at Things to Come

Logs Are Underrated

Logs Can Be Useful

People, Process, Technology

Security Information and Event Management (SIEM)



Chapter 2. What is a Log?


Logs? What logs?

Criteria of Good Logging



Chapter 3. Log Data Sources


Logging Sources

Log Source Classification


Chapter 4. Log Storage Technologies


Log Retention Policy

Log Storage Formats

Database Storage of Log Data

Hadoop Log Storage

The Cloud and Hadoop

Log Data Retri


No. of pages:
© Syngress 2013
eBook ISBN:
Paperback ISBN:


"The authors provide a way to simplify the complex process of analyzing large quantities of varied logs. The log management and log analysis approaches they recommend are addressed in detail."--Reference and Research Book News, August 2013
"…Anton Chuvakin and his co-authors Kevin Schmidt and Christopher Phillips bring significant real-world experience to the reader and an important book on the topic....For those that want to find the gold in their logs…[it] is a great resource that shows how to maximize the gold that often lays hidden in your large stores of log data."--RSA Conference, December 2012