
Log management and analysis: How, when and why

Security teams log lots of events, and more of them all the time. Unfortunately, they don't make much use of these logs except in retrospect, when trying to understand something long after it happened. To improve your organization's security posture, security teams need to make better use of logs. The challenges in doing so are both organizational and technical, and it is imperative that you address both sides of the problem. Security and network teams must work together to implement robust aggregation, analysis, reporting and search.


In this presentation, we’ll review how to make the most of logs to augment an organization’s security posture. Specific points of emphasis include:

  • Knowing what you know: Assessing your current state of log collection and aggregation
  • Knowing how to understand it: Making sure you can normalize and analyze logs for key security data
  • Knowing what to do with it: Organizing security and networking teams to make optimal use of log data
  • Knowing what to look for: What to look for in assessing log management, correlation and analysis tools

