By Mike S
Some years ago, I read that the next big shift in web development would be from hand-coding HTML (and everything that goes with webpages) to WYSIWYG editors doing all the coding behind the scenes.
Although that hasn’t fully been realized, can WYSIWYG-easy log analysis tools be on the horizon?
Further, yesterday I was trying to explain the state of the art of log analysis to a client (who looks to use his cool new technology for log analysis and SIEM), and I felt embarrassed to admit that, yes, “search” and “rules” are indeed the state of the art.
In other words, most of the analysis burden is on the tool USER BRAIN, not on the TOOL. They looked at me like I just wasted 10 years of my life, writing regexes and otherwise being a stupid monkey. Even things like profiling/baselining (example) or simple – and I mean SIMPLE – data mining (example, details) mostly stay on research drawing boards for ages.
intrusion detection , log analysis , security