Baselining Logs
14 likes
4,536 views
Anton Chuvakin
This is my old presentation on using baselining methods for log analysis.
Technology
Business
1 of 24
Baselining Logs
1. Baselining Logs: How to create baselines and analyze logs effectively?
10. Baseline Lifecycle II
16. Example 2: Can you Guess What Happened?!
17. Example 4: Can you Guess What Happened?!
20. Examples