Final Week: Get an iPad (32 G), Galaxy Tab A, or Take $250 Off OnDemand Training - Ends Jan 27


To attend this webcast, login to your SANS Account or create your Account.

This webcast has been archived. To view the webcast login into your SANS Portal Account or create an account by clicking the "Get Registered" button on the right. Once you register, you can download the presentation slides below.

Log and Event Management Survey

  • Monday, October 06, 2014 at 1:00 PM EDT (2014-10-06 17:00:00 UTC)
  • Bill Roth, Jerry Shenk


  • VMWare, Inc

You can now attend the webcast using your mobile device!



After a one year hiatus, SANS is conducting its ninth log and event management survey. The Eighth Annual Log and Event Management Survey found that most organizations have difficulty separating normal log data from actionable events. As the industry continues to mature, organizations expect to be able to get more meaningful and actionable results from analysis of their event logs.

This webcast will share key findings of the survey and investigate what progress organizations have made in implementing log analysis software. Key takeaways will include:

  • Are logs living up to their potential in preventing and detecting advanced threats?
  • Does integration with SIEM improve analysis of events and if so, how?
  • What practices and technologies best support their log analysis functions?
  • What is broken and not working?
  • Where can improvements be made to improve visibility into events to detect, prevent and respond appropriately?

Register for this webcast and be among the first to access the associated whitepaper written by Jerry Shenk.

View the associated whitepaper.

Speaker Bios

Jerry Shenk

Jerry Shenk currently serves as a senior analyst for the SANS Institute and is senior security analyst for Windstream Communications, working out of the company’s Ephrata, Pennsylvania location. Since 1984, he has consulted with companies and financial and educational institutions on issues of network design, security, forensic analysis and penetration testing. His experience spans networks of all sizes, from small home-office systems to global networks. Along with some vendor-specific certifications, Jerry holds six Global Information Assurance Certifications (GIACs), all completed with honors: GIAC-Certified Intrusion Analyst (GCIA), GIAC-Certified Incident Handler (GCIH), GIAC-Certified Firewall Analyst (GCFW), GIAC Systems and Network Auditor (GSNA), GIAC Penetration Tester (GPEN) and GIAC-Certified Forensic Analyst (GCFA). Five of his certifications are Gold certifications. He also holds the CISSP certification.

Bill Roth

Bill Roth is the head of product marketing for VMware vCenter Log Insight. A 20+ year Silicon Valley veteran, he brings experience from both large and small companies alike, including Sun, BEA, Morgan Stanley and startups like Nexenta, LogLogic and E.piphany. He has an MS in Computer Science from the University of Wisconsin.

Need Help? Visit our FAQ page or email

Not able to attend a SANS webcast? All Webcasts are archived so you may view and listen at a time convenient to your schedule. View our webcast archive and access webcast recordings/PDF slides.