Users of security log data are collecting more needles than ever, report says. But they still have trouble finding and analyzing the specific information they need to diagnose potential security problems. Organizations are collecting logs for use in forensic analysis and correlation and to meet/prove regulatory compliance. Real-time alerts are the most useful feature of log management tools, according to respondents. The problem is finding a uniform way to analyze security data on disparate systems and logs, an expert says. With more use of TCP/IP and general-purpose servers, modern HVAC/SCADA systems are less obscure and therefore more accessible via remote attacks.”]
Source: https://www.darkreading.com/analytics/enterprises-logging-security-data-but-still-struggle-to-use-it