SLAC Computer Security
Cyber Security Awareness Month
These tips are part of a month-long effort to distribute useful computer security information to the SLAC community.
- Day 12 - Managing and Understanding Logs on the Desktop or Laptop
Here is some not-too-techy advice about logs from SANS Internet Storm Center and their contributing community:
Tip #1
Know your logs - the most important point is you need to know what logs you have, where they are located, and what data they may contain.
Tip #2
Know your system - your logs are most useful (especially in case of an incident) if you know what normal is for your systems.
Tip #3
Know what you don't know - don't be afraid to ask for assistance if you don't understand your logs. Not only in learning and using the logs but getting them analyzed. So many people are afraid that the logs will go over their head that they don't use them when there is a problem and thus cause only more frustration for themselves.
Tip #4
For reading logs on desktops, I use a (free) utility from Microsoft called EventCombMT (http://support.microsoft.com/kb/824209). It can scan the event logs of network-attached Windows machines. I use it regularly to scan for disk errors that are showing up in event logs.
Owner: SLAC Computer Security