Log2Pcap

by Joaquin Moreno
Sept. 1, 2017 0 comments SANS Institute forensics

During the analysis of all the available data that are logged, organizations must be able to identify which portions of this information are actionable and pertinent. This tedious process is related with the normalization process, and also, with the parsing log process (Paul, 2011). To help with this tiring work, people devoted to incident handling and computer forensics usually have programs that search for patterns in those logs and identify potential dangerous events (msbachman, 2010) (Worman, 2009).

https://www.sans.org/reading-room/whitepapers/forensics/log2pcap-34205