Application and Server Logs Investigation

(@harshbehl)
Posts: 67
Trusted Member
Topic starter
 

Hi
What are the best procedures to investigate the application and server logs? Tools required, etc.
Your advice will be highly appreciated.

PM harsh_behl@live.com

 
Posted : 09/03/2016 9:41 pm
(@bithead)
Posts: 1206
Noble Member
 

> Hi
> What are the best procedures to investigate the application and server logs?

Know what you are looking for. Searching with no predefined goal is a fool's errand, much like asking overly broad questions.

> Tools required etc.
> Your advice will be highly appreciated.
>
> PM harsh_behl@live.com

Splunk, Wireshark, ELK are a few of many tools (you did not provide any real details, so there is no way to be really helpful).

 
Posted : 11/03/2016 6:03 am
keydet89
(@keydet89)
Posts: 3568
Famed Member
 

> What are the best procedures to investigate the application and server logs? Tools required etc.
> Your advice will be highly appreciated.

Can you clarify what you're referring to? Which application and which server?

Thanks.

 
Posted : 11/03/2016 4:57 pm
MDCR
(@mdcr)
Posts: 376
Reputable Member
 

Without being specific:

- Narrow your scope: what is being suspected? Why are you sitting there looking at data?
- Make sure timestamps are in a uniform format before you use a timeline program, with timezones converted to one timezone if it is a geographically large investigation.
- Use a database program that allows you to do multiple searches using a query language like SQL, Cypher or Spring.
- Filter the results using what you know you are NOT looking for, to find what you are looking for.

If you want a more specific answer, you can ask specific questions.

Good luck.

 
Posted : 15/03/2016 8:11 pm
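
The timestamp-normalization and exclusion-filter advice in the list above, as an added example that is not part of any post in this thread: three log sources with different timestamp styles are converted to UTC, known-irrelevant lines are dropped, and the rest is merged into one timeline. The log lines, the syslog year and UTC offset, and the `/healthcheck` exclusion pattern are constructed assumptions.

```python
import re
from datetime import datetime, timedelta, timezone

# Constructed sample lines; hosts, addresses and offsets are made up.
SOURCES = {
    "web": ['10.0.0.5 - - [15/Mar/2016:20:11:02 +0100] "GET /login HTTP/1.1" 200 512',
            '10.0.0.9 - - [15/Mar/2016:20:11:07 +0100] "GET /healthcheck HTTP/1.1" 200 2'],
    "db": ['Mar 15 14:11:05 db01 sshd[811]: Failed password for root from 10.0.0.5'],
    "app": ['2016-03-15T19:11:04Z user=admin action=export'],
}
# Syslog lines carry no year or zone, so the examiner must supply both (assumed here).
SYSLOG_YEAR, SYSLOG_TZ = 2016, timezone(timedelta(hours=-5))

def parse_web(line):
    # Apache-style access log: the bracketed stamp includes its own UTC offset.
    stamp = re.search(r"\[([^\]]+)\]", line).group(1)
    return datetime.strptime(stamp, "%d/%b/%Y:%H:%M:%S %z")

def parse_db(line):
    # Classic syslog: first 15 characters are "Mon DD HH:MM:SS" in host-local time.
    local = datetime.strptime(f"{SYSLOG_YEAR} {line[:15]}", "%Y %b %d %H:%M:%S")
    return local.replace(tzinfo=SYSLOG_TZ)

def parse_app(line):
    # ISO 8601 with a trailing Z, already UTC.
    return datetime.strptime(line.split()[0], "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)

PARSERS = {"web": parse_web, "db": parse_db, "app": parse_app}
# Patterns for traffic already known to be irrelevant (the "NOT looking for" list).
EXCLUDE = [re.compile(r"GET /healthcheck ")]

def build_timeline(sources, exclude=EXCLUDE):
    """Return (utc_time, source, line) tuples sorted by UTC time, minus excluded lines."""
    events = []
    for name, lines in sources.items():
        for line in lines:
            if any(p.search(line) for p in exclude):
                continue
            events.append((PARSERS[name](line).astimezone(timezone.utc), name, line))
    return sorted(events)

if __name__ == "__main__":
    for when, name, line in build_timeline(SOURCES):
        print(when.isoformat(), name, line)
```

Sorted by the raw wall-clock strings, the three remaining events would appear as db, app, web; after conversion to UTC the order is web, app, db, three seconds apart.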