Log Necropsy: Web-Based Log Analysis Tool | IEEE Conference Publication | IEEE Xplore

Log Necropsy: Web-Based Log Analysis Tool


Abstract:

Modern IT systems rely heavily on event logging and event logs. Many applications, operating systems, network devices, and other system components can log events to a local or remote log server. The existing log-based event analysis tools have limited forensic functionality, and search engines cannot filter the events by criteria. As a solution, this study provides a log analysis system that allows forensic investigators to log in using their email address and upload log files from an external device for processing. This makes it possible to start a thorough investigation or carry out a quick analysis. In addition to uploading, the system can scan the exported log file for errors that require quick attention, and it allows numerous log files to be imported. The goal of this research is to be able to examine Windows event logs and read files in .csv format, to extract meaning from a range of occurrences, and to structure the output so that it represents this data in an accessible and easy-to-read format. To accomplish this, log files were uploaded, and a rapid analysis and a user-filterable log search strategy were employed.
Date of Conference: 17-17 December 2022
Date Added to IEEE Xplore: 02 January 2023
Conference Location: Malacca, Malaysia
