Log files are the primary data source for network observability. They contain records of all events, including operations within systems, applications, software or servers, so it is crucial to keep them as secure as possible. The current way to secure these files is log management: the practice of continuously gathering, storing and analyzing log files from applications. Log management can help us identify technical issues when we are unable to locate where the problem is, and it also strengthens security because it can detect unusual activities and notify users.
Log file management covers many functions: collection, monitoring, analysis, retention and so on. The analysis process gives priority to detecting issues, such as identifying bugs and security threats in the collected log files. Cloud-based management is widely used nowadays and many tools offer free trials to users online, but some problems still occur: it is hard to evaluate a large volume of log files efficiently, the record of when the log files have been accessed can be erased by a third-party application, and so on. All these problems indicate that log management still needs to be improved.
As mentioned above, most log management systems aim to be cloud-based because the cloud is affordable and easier to maintain. There are still improvements that could be made in this area, for example in how Apache Spark and Elasticsearch could be used during the collection and analysis process. However, we believe on-premises log management systems could be the new trend for security reasons. On-premises log management systems allow users to store log files locally, which ensures that the log files are only accessible to local users and better secures these files.
Deliverables:
- Feb 7th: Proposal deadline.
- Feb 21st: Finding research papers and starting the analysis.
- March 8th: Complete the rest of the paper.
- March 22nd: Finish the paper and review.