This presentation will share some of the techniques and lessons learned in real-world Hadoop implementation at Johns Hopkins. Data will be sanitized as expected. But the focus will be on strategies and techniques used to collect and monitor audit and access log events from key Hadoop services and forwarding to a central server for monitoring, analysis, and response to any suspected breaches or incidents. Automation techniques, such as Ansible scripts to install agents or forwarders uniformly and efficiently across the cluster nodes will also be highlighted where appropriate.
-
A Live Forensic Distribution Executing Malicious Code from a Suspect Drive
Maxim Suhanov has started a DFIR blog, and already submitted the first post – “… -
Diffy: A Triage Tool for Cloud-Centric Incident Response
Diffy is a digital forensics and incident response (DFIR) tool developed by Netflix’… -
Office365 Log Analysis Framework
After yesterday’s webcast Matt Bromiley released his Office365 Log Analysis Framewor…
Load More Related Articles
-
No Tool Fits All – Why Building a Solid Toolbox Matters
In the world of forensics, mobile device investigations could be the most complicated of a… -
Smart Car Forensics and Vehicle Weaponization
Given a relatively new car with an infotainment system completely decoupled from the car&#… -
Fiddling with Flash Drive Forensics
Fiddling with Flash Drive Forensics – Alexander Klepal “””It alway…
Load More In Videos
