Monitoring Computing Resources + Log Files


9 Terms

1

System monitoring

is typically done via system logs as well as through central management tools, including those found in cloud services

2

Application monitoring

may involve application logs, application management interfaces, and performance monitoring tests

3

Infrastructure devices

can also generate logs

4

Firewall logs

which can provide information about blocked and allowed traffic; more advanced firewalls such as NGFW or UTM devices can also provide application-layer details or IDS/IPS functionality, along with other security service-related log information

5

Application logs

for Windows include information like installer information for applications, errors generated by applications, license checks, and any other logs that applications generate and send to application logs

6

Endpoint logs

such as application installation logs, system and service logs, and any other logs available from endpoint systems and devices

7

OS-specific security logs

for Windows systems store information about failed and successful logins, as well as other authentication log information. Authentication and security logs for Linux systems are stored in /var/log/auth.log and /var/log/secure

8

IDS/IPS logs

provide insight into attack traffic that was detected or, in the case of an IPS, blocked

9

Network logs

can include logs for routers and switches with configuration changes, traffic information, network flows, and data captured by packet analyzers like Wireshark