Hi
What are the best procedures to investigate the application and server logs? Tools required, etc.
Your advice will be highly appreciated.
PM harsh_behl@live.com
Hi
What are the best procedures to investigate the application and server logs?
Know what you are looking for. Searching with no predefined goal is a fool's errand, much like asking overly broad questions.
Tools required etc.
Your advice will be highly appreciated. PM harsh_behl@live.com
Splunk, Wireshark, ELK are a few of many tools (you did not provide any real details, so there is no way to be really helpful).
What are the best procedures to investigate the application and server logs? Tools required, etc.
Your advice will be highly appreciated.
Can you clarify what you're referring to? Which application and which server?
Thanks.
Without being specific:
- Narrow your scope: what is being suspected? Why are you sitting there looking at data?
- Make sure timestamps are in a uniform format before you use a timeline program, with timezones converted to one timezone if it is a geographically large investigation.
- Use a database program that allows you to do multiple searches using a query language like SQL, Cypher or Spring.
- Filter the results using what you know you are NOT looking for - to find what you are looking for.
If you want a more specific answer, you can ask specific questions.
Good luck.
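The timestamp, query-language and filter-by-exclusion steps from the last reply, as an added example that is not part of any post in this thread. The log formats, sample lines, noise patterns and function names are all constructed assumptions.

```python
import re
import sqlite3
from datetime import datetime, timezone

# Constructed sample lines (not from a real system): a web access log stamped
# in local time with a UTC offset, and an application log in ISO 8601.
ACCESS_LOG = [
    '203.0.113.7 - - [12/Mar/2024:23:58:41 -0500] "GET /login HTTP/1.1" 200',
    '198.51.100.23 - - [13/Mar/2024:00:01:09 -0500] "POST /admin/export HTTP/1.1" 200',
    '203.0.113.7 - - [13/Mar/2024:00:02:30 -0500] "GET /healthz HTTP/1.1" 200',
]
APP_LOG = [
    "2024-03-13T05:01:08+00:00 auth user=backup login ok src=198.51.100.23",
    "2024-03-13T06:02:31+01:00 monitor heartbeat ok",
]
ACCESS_RE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "([^"]*)" (\d{3})')

def to_utc(dt):
    """Render as ISO 8601 UTC so plain text ordering equals time ordering."""
    return dt.astimezone(timezone.utc).strftime("%Y-%m-%dT%H:%M:%SZ")

def parse_events():
    """Parse both sources into (ts_utc, source, message) rows."""
    events = []
    for line in ACCESS_LOG:
        m = ACCESS_RE.match(line)
        if m:  # lines that do not match the expected format are skipped
            ts = datetime.strptime(m.group(2), "%d/%b/%Y:%H:%M:%S %z")
            msg = f"{m.group(1)} {m.group(3)} {m.group(4)}"
            events.append((to_utc(ts), "access", msg))
    for line in APP_LOG:
        stamp, _, msg = line.partition(" ")
        events.append((to_utc(datetime.fromisoformat(stamp)), "app", msg))
    return events

def build_timeline(noise=("%/healthz%", "%heartbeat%")):
    """Load events into SQLite and drop what we know we are NOT looking for."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE events (ts_utc TEXT, source TEXT, message TEXT)")
    db.executemany("INSERT INTO events VALUES (?, ?, ?)", parse_events())
    where = " AND ".join("message NOT LIKE ?" for _ in noise) or "1"
    sql = f"SELECT ts_utc, source, message FROM events WHERE {where} ORDER BY ts_utc"
    return db.execute(sql, tuple(noise)).fetchall()

if __name__ == "__main__":
    for row in build_timeline():
        print(*row, sep="  ")
```

Once both sources are in UTC, the application log entry sorts between the two web requests, an ordering the raw local-time stamps hide.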