EP039 – Log ALL THE THINGS
Music provided by: Denis Kreynin https://soundcloud.com/denis-kreynin
Greetings & Banter
Max did his first conference talk ever! The slides are on our website here, and the video of Max presenting it can be found on YouTube here.
The BSides framework can be found at the Security BSides site.
Topic for this week: An in-depth explanation of logs
Special Guest: Allan Stojanovic!
The ultra basics: Wikipedia explains what log files are (with links to logging systems and log viewers).
Centralize logs! This is a 2003 SANS whitepaper on how to architect and implement centralized logging.
And then do something with the logs… This is where it’s handy to have a SIEM to correlate and alert on them.
And we spoke about automation, specifically Fail2Ban: it watches a log for repeated failures from one source and bans that source for a while.
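To make the "do something with the logs" and Fail2Ban points concrete, here is an added example (written for these notes, not Fail2Ban's own code and not from the episode) that re-implements the core of a Fail2Ban jail: a regex pulls failed logins out of sshd log lines, failures are counted per source address inside a sliding window, and a source that reaches the threshold gets banned. The knobs are named after Fail2Ban's own jail options (maxretry, findtime, bantime); the log lines, the hostname "bastion", the year used for the syslog timestamps and the recorded "ban" action are all constructed for the example rather than taken from a real system.

```python
"""Fail2Ban-style brute-force detector run over constructed sshd log lines.

Added example, not Fail2Ban's code. It shows the idea behind a jail:
a filter regex, a per-host sliding window of failures (findtime),
a threshold (maxretry), and a ban that lasts bantime seconds.
"""
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample input in classic syslog format (not real data).
# 203.0.113.7 fails five times in ten seconds; 198.51.100.20 has one
# early failure, then five more half an hour later.
SAMPLE_LOG = """\
Mar  3 10:00:01 bastion sshd[2201]: Failed password for invalid user admin from 203.0.113.7 port 51234 ssh2
Mar  3 10:00:03 bastion sshd[2202]: Failed password for root from 203.0.113.7 port 51240 ssh2
Mar  3 10:00:04 bastion sshd[2203]: Accepted publickey for alice from 198.51.100.20 port 40022 ssh2
Mar  3 10:00:06 bastion sshd[2204]: Failed password for root from 203.0.113.7 port 51250 ssh2
Mar  3 10:00:09 bastion sshd[2205]: Failed password for invalid user test from 203.0.113.7 port 51260 ssh2
Mar  3 10:00:10 bastion sshd[2206]: Failed password for root from 203.0.113.7 port 51270 ssh2
Mar  3 10:00:11 bastion sshd[2207]: Failed password for bob from 198.51.100.20 port 40030 ssh2
Mar  3 10:30:00 bastion sshd[2310]: Failed password for bob from 198.51.100.20 port 40040 ssh2
Mar  3 10:30:01 bastion sshd[2311]: Failed password for bob from 198.51.100.20 port 40041 ssh2
Mar  3 10:30:02 bastion sshd[2312]: Failed password for bob from 198.51.100.20 port 40042 ssh2
Mar  3 10:30:03 bastion sshd[2313]: Failed password for bob from 198.51.100.20 port 40043 ssh2
Mar  3 10:30:04 bastion sshd[2314]: Failed password for bob from 198.51.100.20 port 40044 ssh2
"""

# Failure pattern in the spirit of a Fail2Ban sshd filter; the named
# 'host' group plays the role of Fail2Ban's <HOST> placeholder.
FAIL_RE = re.compile(
    r"^(?P<ts>\w{3}\s+\d{1,2} \d{2}:\d{2}:\d{2}) \S+ sshd\[\d+\]: "
    r"Failed password for .* from (?P<host>\d{1,3}(?:\.\d{1,3}){3}) port \d+"
)


def parse_ts(ts, year=2024):
    # syslog timestamps carry no year; the year is an assumption here.
    return datetime.strptime(f"{year} {ts}", "%Y %b %d %H:%M:%S")


class Jail:
    """Per-host sliding-window failure counter, like a Fail2Ban jail."""

    def __init__(self, maxretry=5, findtime=600, bantime=3600):
        self.maxretry = maxretry
        self.findtime = timedelta(seconds=findtime)
        self.bantime = timedelta(seconds=bantime)
        self.failures = defaultdict(deque)  # host -> recent failure times
        self.banned_until = {}              # host -> ban expiry time
        self.actions = []                   # stand-in for the firewall action

    def observe(self, line):
        """Feed one log line; return the host if this line triggers a ban."""
        m = FAIL_RE.match(line)
        if not m:
            return None
        now, host = parse_ts(m.group("ts")), m.group("host")
        # A host that is already banned is not banned again until expiry.
        if host in self.banned_until and now < self.banned_until[host]:
            return None
        window = self.failures[host]
        window.append(now)
        # Discard failures older than findtime so only the window counts.
        while window and now - window[0] > self.findtime:
            window.popleft()
        if len(window) >= self.maxretry:
            self.banned_until[host] = now + self.bantime
            window.clear()
            # Fail2Ban would run its ban action (by default a firewall rule)
            # here; this example only records it.
            self.actions.append(("ban", host, now))
            return host
        return None


def run(log=SAMPLE_LOG, **jail_options):
    """Replay a log through a jail and return the hosts banned, in order."""
    jail = Jail(**jail_options)
    banned = []
    for line in log.splitlines():
        host = jail.observe(line)
        if host:
            banned.append(host)
    return banned


if __name__ == "__main__":
    print(run())
```

With the defaults, 203.0.113.7 is banned on its fifth failure and 198.51.100.20 is banned at 10:30:04, because its failure at 10:00:11 fell out of the 600-second window before the later burst began. Shrinking findtime to a few seconds spares 203.0.113.7, whose failures are spread over ten seconds, which is exactly the trade-off a real jail's findtime and maxretry express.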
If you’re interested in more technical details, check out Allan’s talks on YouTube from:
BSides Toronto 2014: Logs and Tactical Defence
and BSides Toronto 2015: MOAR Logs and Tactical Defence