we used a forum based learning method.
This lesson we learn loosely about log correlation. where investigators collect logs from multiple sources and make a correlation between those logs to find anomalies, incident response in the network. the task this week is to create 2 vms and set up a graylog server for use in the following week. gray log is a tool that investigators to performs log correlation as it collects the log and gather them in one secure location with a gui that helps set up rules