A variety of network devices collect and store data specific to the functioning of that particular device. Historically, network administrators would limit the amount of data collected to the minimum, in order to reduce the impact on the network and on their own maintenance tasks. Typically, administrators review this data only when engaged in some kind of troubleshooting. It is widely known that skilled attackers work to remain “under the radar” by organizing their efforts to penetrate or exploit an environment in ways that avoid detection by these devices. They are aware that the large volume of data being collected in isolated silos makes this data of limited value unless it is correlated. With the increased emphasis on “big data,” manufacturers of network devices and software have developed new interest in leveraging some of the functionality that business intelligence applications have developed and in applying those tools to network monitoring and management activities.
Use the study materials and engage in any additional research needed to fill in knowledge gaps. Write a 2–3-page paper that covers the following topics:
- Evaluate the log files that are available as part of an investigation within a particular international organization.
- Analyze the potential for integration of data streams generated and collected by the various log files available within an international organization.
- Engage in hands-on log file analysis specific to a particular investigation as part of the virtual lab activity.
- Explore the tension between collection of data by a variety of network security devices and the potentially negative impact on bandwidth and network response time.