Logging and Log Management: The Authoritative Guide to Understanding the Concepts Surrounding Logging and Log Management

Overview

Effectively analyzing large volumes of diverse logs can pose many challenges. Logging and Log Management helps to simplify this complex process using practical guidance and real-world examples. It is packed with the information you need to know for system, network and security logging. Log management and log analysis methods are covered in detail, including approaches to creating useful logs on systems and applications, log searching and log review.


Editorial Reviews

From the Publisher
"The authors provide a way to simplify the complex process of analyzing large quantities of varied logs. The log management and log analysis approaches they recommend are addressed in detail."—Reference and Research Book News, August 2013

"…Anton Chuvakin and his co-authors Kevin Schmidt and Christopher Phillips bring significant real-world experience to the reader and an important book on the topic....For those that want to find the gold in their logs…[it] is a great resource that shows how to maximize the gold that often lies hidden in your large stores of log data."—RSA Conference, December 2012

Product Details

  • ISBN-13: 9781597496353
  • Publisher: Elsevier Science
  • Publication date: 11/29/2012
  • Pages: 400
  • Sales rank: 479,501
  • Product dimensions: 7.40 (w) x 9.20 (h) x 0.90 (d)

Meet the Author

Dr. Anton Chuvakin is a recognized security expert in the field of log management and PCI DSS compliance. He is an author of the books "Security Warrior" and "PCI Compliance" and has contributed to many others, while also publishing dozens of papers on log management, correlation, data analysis, PCI DSS, and security management. His blog (http://www.securitywarrior.org) is one of the most popular in the industry. Additionally, Anton teaches classes and presents at many security conferences across the world; he works on emerging security standards and serves on the advisory boards of several security start-ups. Currently, Anton is developing his security consulting practice, focusing on logging and PCI DSS compliance for security vendors and Fortune 500 organizations. Anton earned his Ph.D. from Stony Brook University.

Kevin J. Schmidt is a senior manager at Dell SecureWorks, Inc., an industry-leading MSSP that is part of Dell. He is responsible for the design and development of a major part of the company's SIEM platform, including data acquisition, correlation and analysis of log data. Prior to SecureWorks, Kevin worked for Reflex Security on an IPS engine and anti-virus software, and before that he was a lead developer and architect at GuardedNet, Inc., which built one of the industry's first SIEM platforms. Kevin is also a commissioned officer in the United States Navy Reserve (USNR). Kevin has over 19 years of experience in software development and design, 11 of which have been in the network security space. He holds a B.Sc. in computer science.

Christopher Phillips is a manager and senior software developer at Dell SecureWorks, Inc. He is responsible for the design and development of the company's Threat Intelligence service platform, and for a team that integrates log and event information from many third-party providers so that customers can have their information analyzed by Dell SecureWorks systems and security professionals. Prior to Dell SecureWorks, Christopher worked for McKesson and Allscripts, where he worked with clients on HIPAA compliance and security and on integrating healthcare systems. Christopher has over 18 years of experience in software development and design. He holds a Bachelor of Science in Computer Science and an MBA.


Table of Contents

Chapter 1 Logs, Trees, Forest: The Big Picture
Chapter 2 What Is a Log?
Chapter 3 Generating Logs
Chapter 4 Log Storage Technologies
Chapter 5 Case Study: syslog-ng
Chapter 6 Covert Logging
Chapter 7 Analysis Goals, Planning and Preparation: What Are We Looking For?
Chapter 8 Simple Analysis Techniques
Chapter 9 Filtering, Matching and Correlation
Chapter 10 Statistical Analysis
Chapter 11 Log Data Mining
Chapter 12 Reporting and Summarization
Chapter 13 Visualizing Log Data
Chapter 14 Logging Laws and Logging Mistakes
Chapter 15 Tools for Log Analysis and Collection
Chapter 16 Log Management Procedures: Escalation, Response
Chapter 17 Attacks Against Logging Systems
Chapter 18 Logging for Programmers
Chapter 19 Logs and Compliance
Chapter 20 Planning Your Own Log Analysis System
Chapter 21 Cloud Logging
Chapter 22 Log Standards and Future Trends


Customer Reviews

Average rating: 4 out of 5 (1 review)

Anonymous, posted February 9, 2014

Too many Information Technology Professionals do not have a decent idea about Logs and Logging and even if they did, they do not give much significance to this subject. Either way, this book, Logging and Log Management, by authors Chuvakin, Schmidt and Phillips, takes away that vacuum of not having an authoritative reference to start working on logs. This book is not the effort of a single author but of three warriors who are gurus in the field of Computer Security and Threat Management, where Logs are like bread and butter to an average person. In fact, one of the authors, Dr. Chuvakin, did work as a Chief Logging Evangelist whose responsibilities included logging for security, compliance, and operations. Considering the other two authors, Schmidt has experience in analyzing log data, while Phillips did integrate log and event information from third party providers. Hence, this book is the labor of three people having encyclopedic firsthand experience in Computer Logs and Log Management.

The overall idea behind this book is to provide an Information Technology Professional with a comprehensive introduction about how to understand and deal with log data. Hence, this book is ideal for System Administrators and Security Analysts, but this book can also be used by an IT Professional who would like to master the craft of Logging and Log Management. The title of the book is accurate in the sense that this book purely deals with Logging and how to manage Logs. Yes, to understand the book you need to have a computer science background, backed by a good understanding of topics like operating systems, computer networks, computer programming and network security. This book is not language-neutral because the examples presented in this book are mostly written in Perl and Java and hence you need to know how to write code in at least one of these languages, but most of the examples are simple and self-explanatory and you do not have to be a crackerjack in computer programming.

The organization of this book is quite detailed and in-depth. The book starts by defining what a Log is and then goes on to explain things like Log Data Sources, Log Storage Technologies, Covert Logging, Log analysis, Filtering, etc. in its initial few chapters. In the next eight to ten chapters, the book talks about attacks against Logging Systems, Concepts and Guidance to Programmers and others on how better log messages can be produced, Log Management Procedures, Logging Laws and Mistakes, Reporting and Summarizing Log Data, Log Data Mining, Visualizing Log Data, Tools for Log Analysis, Log Compliance etc. In the final few chapters, the book advises the reader how to plan one's own Log Analysis System, Cloud Logging, Log Standards and future trends in Logging.

There are many resourceful concepts and explanations that I liked in this book. The first item that I would like to mention is that this book gives a good overview about the pros and cons of different types of Logging. This is done by explaining XML Logging, Syslog Logging, Textfile Logging and Proprietary Logging. Different Log Storage formats, Covert Logging and Stealth Logging are also explained very well. This book does show the user what a Log Report and Summarization should contain. I do agree with the authors that treemaps are an interesting way to visually see patterns in the log data file and the book has done well to explain treemaps. Although laws related to Logging vary from organization to organization, the authors have taken pains to explain in general the Law of collection, retention, monitoring, availability and security. Another interesting feature that this book points out is the mistakes that users usually make while setting up, collecting and analyzing Log data. The best part of this book is in chapter 20, which deals with how to plan one's own log analysis system. The chapter opens with the need for a Log Analysis System, who should be involved, understanding your organization's needs, how to do the software selection, how to define the logging policy and policy for data collection and retention of logs for your organization. For those of you who are ardent supporters of cloud computing, the authors have devoted a chapter for that too. In the chapter for cloud logging, the authors begin with the definition for cloud computing and then go on to explain service delivery models, software as a service, storage and infrastructure as a service, cloud deployment models, characteristics of a cloud infrastructure, cloud logging and finally, the pros and cons of cloud logging.

It would have been great if the authors actually included more examples about the topics covered in each chapter. Honestly, I think Logging and Log Management can be learned only by practice and the more examples a reader has, the better he or she is in learning what is explained in the book. This could also be given in the form of review questions at the end of a chapter. Again, the presentation of text within the book is not very pleasing; it could have been presented in a simple way, thus creating less distraction to the reader. I also consider the list of contents of a chapter that is given at the beginning of the chapter a nuisance. This is sometimes confusing and creates a crowded look at the beginning of the chapter. These contents should have been placed in the table of contents at the beginning of the book.

Overall, this is a good book, in fact a good textbook, for those who are new to the world of Logs and Log Management. For those who are veterans and experienced authorities in the field of Log and Log Management, this book will help you consolidate your knowledge and will help you experiment and experience new ways of logging that you have not attempted before. Therefore, this book is definitely for computer programmers, developers, system analysts, security professionals, and managers who deal with computer programs and code either for passion or as part of their job. Even if you are not directly involved in Logs and Log Management, this book will definitely give you insights into how to write better code that will help those who debug your code later.
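The review above mentions syslog logging and the book's chapter on filtering, matching and correlation. As an added example that is not from the book or its authors, the Python script below walks those three steps over a handful of constructed RFC 3164-style sshd lines: it parses the syslog header, filters to the sshd program, matches failed and accepted logins, and correlates them per source IP to flag a run of failures followed by a success from the same address. The threshold of three failures, the five-minute window, the host names and IPs, and the year assumed for the year-less syslog timestamp are all choices made for this example, not values taken from the book.

```python
"""Added example (not from the book or its authors): parse RFC 3164-style
syslog lines, filter and match sshd authentication events, and correlate
them per source IP to flag a password-guessing run that ended in success.
The log lines, hosts, users and IPs below are constructed for this example."""
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample log (RFC 3164 format); none of these events are real.
SAMPLE_LOG = """\
Mar  9 10:01:02 web01 sshd[2213]: Failed password for invalid user admin from 203.0.113.7 port 51022 ssh2
Mar  9 10:01:05 web01 sshd[2213]: Failed password for invalid user admin from 203.0.113.7 port 51022 ssh2
Mar  9 10:01:09 web01 sshd[2219]: Failed password for root from 203.0.113.7 port 51030 ssh2
Mar  9 10:01:30 web01 sshd[2225]: Accepted password for root from 203.0.113.7 port 51041 ssh2
Mar  9 10:02:00 web01 cron[1111]: (root) CMD (run-parts /etc/cron.hourly)
Mar  9 10:03:12 web01 sshd[2301]: Failed password for alice from 198.51.100.4 port 40100 ssh2
Mar  9 10:03:40 web01 sshd[2310]: Accepted publickey for alice from 198.51.100.4 port 40102 ssh2
"""

# RFC 3164 header: "Mmm dd HH:MM:SS host program[pid]: message"
SYSLOG_RE = re.compile(
    r"^(?P<ts>[A-Z][a-z]{2}\s+\d{1,2} \d{2}:\d{2}:\d{2}) "
    r"(?P<host>\S+) (?P<prog>[^\[:]+)(?:\[(?P<pid>\d+)\])?: (?P<msg>.*)$"
)
# OpenSSH message bodies for the two outcomes we care about.
FAILED_RE = re.compile(r"^Failed password for (?:invalid user )?(?P<user>\S+) from (?P<ip>\S+)")
ACCEPTED_RE = re.compile(r"^Accepted (?P<method>\S+) for (?P<user>\S+) from (?P<ip>\S+)")


def parse_line(line, year=2024):
    """Return a dict of header fields, or None for lines that are not syslog.

    RFC 3164 timestamps carry no year, so one is assumed (2024 here) to
    allow time arithmetic; a real collector would take it from its clock."""
    m = SYSLOG_RE.match(line)
    if not m:
        return None
    rec = m.groupdict()
    rec["ts"] = datetime.strptime(f"{year} {rec['ts']}", "%Y %b %d %H:%M:%S")
    return rec


def correlate_bruteforce(text, threshold=3, window=timedelta(minutes=5)):
    """Flag source IPs that accumulate `threshold` failed passwords and then
    get an accepted login within `window` of those failures.

    Returns a list of alert dicts (ip, user, failures, at)."""
    failures = defaultdict(list)   # ip -> timestamps of recent failures
    alerts = []
    for line in text.splitlines():
        rec = parse_line(line)
        if rec is None or rec["prog"] != "sshd":   # filtering: sshd only
            continue
        f = FAILED_RE.match(rec["msg"])           # matching: failed login
        if f:
            failures[f["ip"]].append(rec["ts"])
            continue
        a = ACCEPTED_RE.match(rec["msg"])         # matching: accepted login
        if a:                                     # correlation: same source IP
            ip = a["ip"]
            recent = [t for t in failures[ip] if rec["ts"] - t <= window]
            if len(recent) >= threshold:
                alerts.append({"ip": ip, "user": a["user"],
                               "failures": len(recent), "at": rec["ts"]})
            failures[ip].clear()   # a success resets the counter for that IP
    return alerts


if __name__ == "__main__":
    for alert in correlate_bruteforce(SAMPLE_LOG):
        print(alert)
```

On the sample, 203.0.113.7 produces one alert (three failures, then an accepted password for root), while alice's single typo followed by a key-based login stays quiet. The point to carry away from the filter, match, correlate shape is that the correlation state is keyed on a field extracted by the matcher (the source IP), which is what lets a stream of individually unremarkable lines become one meaningful event.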