Writing structured logs for analysis
After a year of wrestling with grep against unstructured Apache logs, I have started building applications that produce structured logs by design. The exercise has changed how I think about what a logfile is for.
Long-form thinking on cyber defence, detection, and resilience — from Slackware-era honeypots through to AI-driven SOC analytics.
Showing posts tagged logging — 3 results.
I lost important logs last week because I had not thought about retention. The lesson is more general than you would think, and the cure is mostly process rather than tooling.
DTK is the right place to start. A weekend later, here is the much smaller honeypot I have written myself, what it logs, and the design decisions that turned out to matter.