Application and Server Logs Investigation

(@harshbehl)
Trusted Member
Joined: 12 years ago
Posts: 67
Topic starter   [#13932]

Hi
What are the best procedures to investigate the application and server logs? Tools required etc.
Your advice will be highly appreciated.

PM [email protected]



   
(@bithead)
Noble Member
Joined: 21 years ago
Posts: 1206
 

> Hi
> What are the best procedures to investigate the application and server logs?

Know what you are looking for. Searching with no predefined goal is a fool's errand, much like asking overly broad questions.

> Tools required etc.
> Your advice will be highly appreciated.
>
> PM [email protected]

Splunk, Wireshark, ELK are a few of many tools (you did not provide any real details, so there is no way to be really helpful).



   
keydet89
(@keydet89)
Famed Member
Joined: 22 years ago
Posts: 3568
 

> What are the best procedures to investigate the application and server logs? Tools required etc.
> Your advice will be highly appreciated.

Can you clarify what you're referring to? Which application and which server?

Thanks.



   
MDCR
(@mdcr)
Reputable Member
Joined: 16 years ago
Posts: 376
 

Without being specific:

- Narrow your scope: what is being suspected? Why are you sitting there looking at data?
- Make sure timestamps are in a uniform format before you use a timeline program, with timezones converted to one timezone if it is a geographically large investigation.
- Use a database program that allows you to do multiple searches using a query language like SQL, Cypher or Spring.
- Filter the results using what you know you are NOT looking for - to find what you are looking for.

If you want a more specific answer, you can ask specific questions.

Good luck.



   
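Added example, not part of any post in this thread: the steps from the last reply (uniform timestamps in one timezone, a queryable database, filtering out what you are not looking for) sketched in Python with SQLite. The log lines, the two timestamp formats and the benign patterns are constructed for illustration.

```python
import sqlite3
from datetime import datetime, timezone

# Constructed sample lines (not from any real system): (source, raw timestamp, message)
RAW = [
    ("web", "10/Oct/2023:13:55:36 +0200", "GET /healthcheck 200"),
    ("app", "2023-10-10 07:56:02 -0400", "login failed user=admin"),
    ("web", "10/Oct/2023:13:56:10 +0200", "POST /login 401"),
    ("app", "2023-10-10 07:54:59 -0400", "scheduler heartbeat"),
    ("web", "10/Oct/2023:13:57:01 +0200", "GET /admin/export 200"),
]

# One strptime pattern per source; both carry an explicit UTC offset.
FORMATS = {"web": "%d/%b/%Y:%H:%M:%S %z", "app": "%Y-%m-%d %H:%M:%S %z"}

# What we know we are NOT looking for (assumed noise for this illustration).
KNOWN_BENIGN = ["%healthcheck%", "%heartbeat%"]


def to_utc(source, raw_ts):
    """Parse a source-specific timestamp and return ISO 8601 in UTC."""
    parsed = datetime.strptime(raw_ts, FORMATS[source])
    return parsed.astimezone(timezone.utc).strftime("%Y-%m-%dT%H:%M:%SZ")


def build_timeline(rows):
    """Load normalized events into an in-memory SQLite table."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE events (ts_utc TEXT, source TEXT, message TEXT)")
    db.executemany(
        "INSERT INTO events VALUES (?, ?, ?)",
        [(to_utc(src, ts), src, msg) for src, ts, msg in rows],
    )
    return db


def remaining_events(db, benign_patterns):
    """Return events in time order after excluding known-benign patterns."""
    where = " AND ".join("message NOT LIKE ?" for _ in benign_patterns) or "1"
    query = f"SELECT ts_utc, source, message FROM events WHERE {where} ORDER BY ts_utc"
    return db.execute(query, benign_patterns).fetchall()


if __name__ == "__main__":
    for row in remaining_events(build_timeline(RAW), KNOWN_BENIGN):
        print(*row)
```

Once both sources are in UTC, the failed application login and the web server's 401 land ten seconds apart on one timeline, which the raw local timestamps hide.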