Definitions

Quoting from the slides of Anton Chuvakin’s 2006 presentation at FIRST:

Log analysis is (the) trying to make sense of system and network logs.

Computer forensics is (the) application of the scientific method to digital media in order to establish factual information for judicial review.

So…

Log forensics is (the) trying to make sense of system and network logs, in order to establish factual information for judicial review.

Makes sense, maybe I’ve been googling for the wrong keywords all this time! Till of late, I’ve been looking at this field largely from a data mining viewpoint.
