Garbage in, garbage out: generating useful log data in complex environments - Ellen Hartstack and Matthew Sullivan Derbycon 2016 (Hacking Illustrated Series InfoSec Tutorial Videos)

Garbage in, garbage out: generating useful log data in complex environments
Ellen Hartstack and Matthew Sullivan
Derbycon 2016

Log messages. Your company probably has billions of them, but are they useful, or just noise? Having meaningful log data is a critical part of running a successful IT shop or hosted web application. How often does your user hit that weird edge-case bug? How many times has this IP address accessed our web front-end using a non-standard browser? How much processing time could we save our customer by refactoring that one function? In many environments, finding answers to these types of questions can be difficult or even impossible. Sure, the data might be there, but is it even useful? In this sysadmin and developer-focused talk, we'll discuss ways to provide more meaningful and parsable log data, whether using an off-the-shelf product, open source, or written in-house. We'll also briefly demonstrate how tools like Splunk or the ELK stack can be leveraged to make better decisions, saving time and money.

Ellen Hartstack wears several hats as either a system administrator, data scientist, or security analyst, depending on the day. Ellen has worked in both the public and private sectors, and enjoys helping teams make data-driven decisions as efficiently as possible. Matthew Sullivan is a pentester, developer, and security analyst living in Ames, Iowa. Matthew is the co-founder of the OWASP Ames chapter, creator of the Cookie Cadger HTTP session auditing tool, and an occasional presenter to both technical and non-technical audiences at various conferences and seminars.


Copyright 2016, IronGeek