(2) Logging, Logs, and Log Ingestion Flashcards
Why is Time Synchronization so important to log analysis?
Attacks normally occur across multiple systems or locations, so if the time isn't synchronized properly, it will lead to false assessments or scenarios.
In terms of network device log files, what are log levels?
Each log level has a specific component or connotation associated with it. For example, in the Cisco world, log level 2 represents a critical software failure.
Why is the log level that is set for data capture important?
The log level that is set for data capture is important because, if you set the wrong log level, you can get misleading information or far too much information to be really useful, so a balance must be struck.