13 Weeks

Log files contain valuable information for infrastructure management: most malicious exploits and intrusions leave their fingerprints all over log files, and system performance issues can be identified by analysing specific log data. In this module, the learner will evaluate log files and learn tools to extract the associated valuable data for detecting cyber threats and system performance issues. In particular, the module will provide the learner with the skills to apply and use log file management tools, access log files, and efficiently search log data using best practices. The learner will apply this knowledge to evaluate and implement YARA and Sigma rules for Indicators of Compromise (IoCs), and to use security information and event management (SIEM) tools. At the end of the module the learner should have developed a mindset for using log files in cyber security and incident investigation, including the investigation of system performance issues.


Dr. George O'Mahony & Dr. Anthony Keane (TU Dublin)

