Log Necropsy: Web-Based Log Analysis Tool
A. Kamal, Asif Iqbal Hajamydeen, Adam Amril Jaharadak
2022 IEEE 10th Conference on Systems, Process & Control (ICSPC), published 2022-12-17
DOI: 10.1109/ICSPC55597.2022.10001797 (https://doi.org/10.1109/ICSPC55597.2022.10001797)
Modern IT systems rely heavily on event logging and event logs. Many applications, operating systems, network devices, and other system components can log events to a local or remote log server. Existing log-based event analysis tools have limited forensic functionality, and their search engines cannot filter events by criteria. As a solution, this study presents a log analysis system that allows forensic investigators to log in with their email address and upload log files from an external device for processing. The investigator can then either start a thorough investigation or carry out a quick analysis. Beyond uploading, the system scans the exported log file for errors that require prompt attention, and it allows many log files to be imported at once. The goal of this research is to examine Windows event logs exported as .csv files, extract meaning from a range of events, and structure the output so that the data is presented in an accessible, easy-to-read format. This was accomplished by uploading log files and applying a rapid analysis together with a user-filterable log search strategy.
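As an added illustration of the ingestion, quick analysis and criteria-based search the abstract describes (example code written for this page, not the Log Necropsy tool's own implementation): it parses a constructed CSV in the column layout Windows Event Viewer uses for "Save All Events As..." exports (five header columns plus an unlabelled description field; that layout and the en-US timestamp format are assumptions), flags Critical and Error events for prompt attention, counts repeated event IDs, and filters events by level, ID, source, description text and time window. Malformed rows are counted and skipped rather than aborting the import.

```python
import csv
import io
from collections import Counter
from datetime import datetime

# Constructed sample input (not from the paper). Assumed layout: five header
# columns, each row carrying the description as an unlabelled sixth field.
SAMPLE_CSV = """Level,Date and Time,Source,Event ID,Task Category
Information,11/3/2022 9:14:02 AM,Microsoft-Windows-Security-Auditing,4624,Logon,An account was successfully logged on.
Warning,11/3/2022 9:15:10 AM,Microsoft-Windows-DNS-Client,1014,None,Name resolution for the name time.windows.com timed out.
Error,11/3/2022 9:16:45 AM,Service Control Manager,7034,None,The Print Spooler service terminated unexpectedly.
Information,11/3/2022 9:17:03 AM,Microsoft-Windows-Security-Auditing,4625,Logon,An account failed to log on.
Critical,11/3/2022 9:20:30 AM,Microsoft-Windows-Kernel-Power,41,(63),The system has rebooted without cleanly shutting down first.
Error,11/3/2022 9:21:00 AM,Microsoft-Windows-Security-Auditing,4625,Logon,An account failed to log on.
this row is truncated
"""

EXPECTED_HEADER = ["Level", "Date and Time", "Source", "Event ID", "Task Category"]
ATTENTION_LEVELS = ("Critical", "Error")   # ordered by severity
TIME_FORMAT = "%m/%d/%Y %I:%M:%S %p"       # assumed en-US export locale


def parse_event_csv(text):
    """Parse an exported event-log CSV. Returns (events, skipped_row_count)."""
    reader = csv.reader(io.StringIO(text))
    header = next(reader, None)
    if header is None or [h.strip() for h in header[:5]] != EXPECTED_HEADER:
        raise ValueError("unexpected header; not a Windows Event Viewer CSV export")
    events, skipped = [], 0
    for row in reader:
        if len(row) < 5:            # truncated or corrupted line: count and move on
            skipped += 1
            continue
        level, when, source, event_id, task = (f.strip() for f in row[:5])
        try:
            timestamp = datetime.strptime(when, TIME_FORMAT)
        except ValueError:
            timestamp = None        # keep the event, but it cannot be time-filtered
        events.append({
            "level": level,
            "time": timestamp,
            "source": source,
            "event_id": int(event_id) if event_id.isdigit() else None,
            "task": task,
            "description": ",".join(row[5:]).strip(),
        })
    return events, skipped


def search(events, level=None, event_id=None, source=None, contains=None,
           start=None, end=None):
    """Criteria-based search: every supplied criterion must match (AND)."""
    out = []
    for ev in events:
        if level is not None and ev["level"] != level:
            continue
        if event_id is not None and ev["event_id"] != event_id:
            continue
        if source is not None and source.lower() not in ev["source"].lower():
            continue
        if contains is not None and contains.lower() not in ev["description"].lower():
            continue
        if start is not None and (ev["time"] is None or ev["time"] < start):
            continue
        if end is not None and (ev["time"] is None or ev["time"] > end):
            continue
        out.append(ev)
    return out


def quick_analysis(events):
    """Rapid triage: counts per level, events needing prompt attention (most
    severe first, then oldest first), and event IDs that recur."""
    by_level = Counter(ev["level"] for ev in events)
    attention = [ev for ev in events if ev["level"] in ATTENTION_LEVELS]
    attention.sort(key=lambda ev: (ATTENTION_LEVELS.index(ev["level"]),
                                   ev["time"] or datetime.min))
    id_counts = Counter(ev["event_id"] for ev in events if ev["event_id"] is not None)
    repeated = {eid: n for eid, n in id_counts.items() if n > 1}
    return {"by_level": dict(by_level), "attention": attention, "repeated_ids": repeated}


def render(report):
    """Plain-text summary an investigator can read at a glance."""
    lines = ["Events by level: " + ", ".join(
        f"{lvl}={n}" for lvl, n in sorted(report["by_level"].items()))]
    lines.append("Needs attention:")
    for ev in report["attention"]:
        when = ev["time"].isoformat(sep=" ") if ev["time"] else "unknown time"
        lines.append(f"  [{ev['level']}] {when} {ev['source']} id={ev['event_id']}: "
                     f"{ev['description']}")
    if report["repeated_ids"]:
        lines.append("Repeated event IDs: " + ", ".join(
            f"{eid} x{n}" for eid, n in sorted(report["repeated_ids"].items())))
    return "\n".join(lines)


if __name__ == "__main__":
    evs, bad = parse_event_csv(SAMPLE_CSV)
    print(render(quick_analysis(evs)))
    print(f"skipped rows: {bad}")
    for ev in search(evs, event_id=4625, source="security"):
        print("failed logon:", ev["time"], ev["description"])
```

In a real deployment the upload path is the attack surface: the CSV comes from an untrusted external device, so the parser should cap file size and row count, reject rows whose header does not match, and never pass field contents to a shell or an unparameterised query. The header check and skipped-row count above are the minimum an investigator needs to trust that the quick analysis saw the whole file.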