If we do not have it, we should build it. If nothing goes right, push left.
TL;DR: Your logs should be simple and structured, and they should contain enough information without disclosing sensitive data. Accidental information disclosure within logs can often lead to future breaches. This talk focuses on the process of building logs, taking into consideration the attack, the defense, and the investigation of breaches. It uses the ideals from The Unicorn and The Phoenix Project to develop the "Five Philosophies of Logging". The talk explores different aspects of logging, pulling from years of experience of breach investigations and magic-wielding.