Hi everyone,
I’ve written a new blog article on normalizing your logs. This topic is so important to effective log management and analysis. I hope it’s got some useful information for some of you who are just starting out!
Many thanks,
Jim
Good job. thanks
One suggestion, add some examples for a better understanding: e.g.
SourceAddress, SrcAddress, Src-IP → normalized to “src_ip”
or
Username, uname, loginname, user → normalized to “username”