Learning Logs

Sharing our logging knowledge. A place we log our insights, experiences, and findings as it pertains to the world of logs.

Articles

Latest Articles

Nov 20, 2024
trunc_team
Threat Hunting: An Advanced Guide to Log Analysis for Cybersecurity

Learn how to proactively identify cybersecurity threats through log analysis. This guide covers essential threat-hunting techniques, from detecting suspicious logins to flagging anomalies, ensuring your organization's defenses stay ahead of attackers.

Posted in:
Nov 19, 2024
trunc_team
Threat Hunting: A Basic Guide to Log Analysis for finding attackers

Learn how to proactively identify cybersecurity threats through log analysis. This guide covers essential threat-hunting techniques, from detecting suspicious logins to flagging anomalies, ensuring your organization's defenses stay ahead of attackers.

Posted in:
Nov 14, 2024
trunc_team
Top 5 Reasons to Monitor Web Server Logs for Better Security & Performance

Learn the top 5 reasons why monitoring web server logs is crucial for your website. Boost security, optimize performance, ensure compliance, and gain insights to enhance user experience. Don't miss these essential benefits!

Posted in:
Oct 4, 2024
trunc_team
Looking at your logs - DDoS attack

Looking at our web logs when the site is under a DDoS / HTTP flood attack. How it looks like.

Posted in:
Sep 24, 2024
trunc_team
Web Attack Analysis - Malicious IP 50.16.95.X

Web Attack Analysis - Malicious IP 50.16.95.X. Breakdown of the malicious activity from IP 50.16.95.X, Covering 50 different attack types, user-agent spoofing, and vulnerabilities across multiple platforms.

Posted in:
Sep 22, 2024
trunc_team
Logging basics: What is NetFlow

An explanation of NetFlow, including how it works, the data it collects, storage considerations, and how to analyze NetFlow records.

Posted in:
Jun 27, 2024
trunc_team
Understanding and Managing MySQL Logs

Learn how to enable, read, and analyze MySQL logs to monitor and troubleshoot your MySQL database effectively.

Posted in:
Jun 22, 2024
trunc_team
Understanding Linux Audit Logs: A Detailed Breakdown

An in-depth look at the types of Linux audit logs in /var/log/audit/audit.log, Enabled by default on Red Hat and Suse Linux, they can provide a lot of information about what is happening on your system.

Posted in:
Jun 7, 2024
trunc_team
Grep Performance - Testing how fast grep can parse through data

Grep Performance - Grep is the goto command to search for content on Linux and Unix systems. How fast can it go? And at what point you need a a different way to look for logs.

Posted in:
Jun 4, 2024
trunc_team
Logging basics: How Syslog Network Protocol Works - in the wire

Logging basics. An explanation of how the Syslog network protocol works, including message transmission, ports, and analysis with tcpdump.

Posted in:
May 13, 2024
Daniel Cid (@dcid)
Compressing SQLite databases with ZFS - A comprehensive guide and performance testing.

Compressing SQLite databases with the ZFS file system on Linux. Testing the storage gain and the performance difference.

Posted in:
Apr 30, 2024
trunc_team
Difference Between SIM, SIEM, Log Management, and Log Analysis

Explore the differences between SIM (Security Information Management), SIEM (Security Information and Event Management), log management, and log analysis.

Posted in:

Simple, Affordable, Log Management and Analysis.

14 days free trial. No credit card required.

Get Started