This chapter is from the book
Foundation Topics
This chapter discusses methods for gathering information on network or device activity, including the use of system event logs. It also discusses how to ensure accurate time on the system clock, because accurate time stamps on gathered information are critical to properly analyzing that information.