The debate between data and information has been going on for quite some
time. When people say "knowledge is power", are they referring to data or
information? Is knowledge different still? And how about "intelligence" where
does that fit?
How can we go from data to information to knowledge to intelligence?
The answer is simple. By understanding the animated nature of data evolution
and transformation, and acting upon this understanding.
And this is brought to light by logs from your Information Systems.
Understand this and unleash the Power of Logs.
Figure 1 - Data to Information to Knowledge to Intelligence, and the role of
logs as metadata
Data seems mainly one-dimensional.
Consult any data base or data warehouse, perform even complex queries on
these and you will get a "flat" answer.
The fact that you get a single answer will make you think that data is
Log Collection and Reporting requirements
So far in this series we have addressed:
Trust, visibility, transparency. SLA reports and service usage measurement.
Daisy chaining clouds. Transitive Trust.
Intelligent reports that don't give away confidential information.
Logs. Log Management.
Now, not all Log Management solutions are created equal, so what are some
high-level Log Collection and Reporting requirements that apply to Log
A sound Log Management solution needs to be flexible to collect logs from a
wide variety of log sources, including b... (more)
We saw what typically happens when trying to use static rule-based log
correlation to perform real-time incident management... combinatory explosion
and lack of scalability. How do you automate non-deterministic attacks in a
few discrete steps???
Today, we'll look at more scenarios for which static rule-based log
correlation doesn't make sense.
Attack Scenario Example 2: Brute Force Attack
Let's look at another example scenario. Brute Force Attack.
- A user tries to log in to his account
- He fails many times in a row and then finally succeeds
- Then "probably" a successful Brute ... (more)
The answer is Logs.
Logs are the only metadata that exists today that:
Is widely available Is 100% collectable Is 100% storable On which we can run
intelligent reports Allows us to understand the kinetics aspects of this
For example logs allow us to understand if a data has had several versions
and iterations and, for each iteration:
Who created, modified or deleted the data When was the information
created/modified/deleted What device was used for the
creation/modification/deletion Was that creation/modification/deletion
authorized It even gives us some cont... (more)
(In the context of Logs of course!!)
So the honeymoon is over.
The Cloud Provider that you so carefully selected is not performing like you
expected and you are eying the competition. You might even be considering
re-insourcing back some of your IT services.
So what happens to all the logs? As a customer, can you Trust that your
Provider(s) will not let you down and mess with your logs?
Well, first off, whose logs are they? Are they the Provider's logs because
they are logs generated by their physical equipment, or are these your logs
because they trace your... (more)