Detection and Response: Quiz 6

Assessment

Quiz

Computers

Professional Development

Hard

Created by

John Coder

FREE Resource

19 questions

1.

FILL IN THE BLANK QUESTION

1 min • 1 pt

Logs are one of the key ways security professionals detect unusual or malicious activity. A log is a rec__________ of events that occur within an organization's systems. System activity is recorded in what's known as a log file, commonly called logs. Almost every device or system can generate logs. Logs contain multiple entries, each of which details information about a specific event or occurrence.

2.

FILL IN THE BLANK QUESTION

1 min • 1 pt

Logs are useful to security analysts during incident investigation since they record details of what, where, and when an event occurred on the network. This includes details like date, time, location, the action made, and the names of the users or systems who performed the action. These details offer valuable insight, not only for troubleshooting issues related to system performance, but most importantly, for security monitoring. Logs allow analysts to build a story and timeline around various event occurrences to understand what exactly happened.

3.

FILL IN THE BLANK QUESTION

1 min • 1 pt

Since different types of devices and systems can create logs, there are different log data sources in an envir____________. These include network logs, which are generated by devices such as proxies, routers, switches, and firewalls, and system logs, which are generated by operating systems. There are also application logs, which are logs related to software applications; security logs, which are generated by security tools like IDS or IPS; and lastly authentication logs, which record login attempts.

4.

FILL IN THE BLANK QUESTION

1 min • 1 pt

One of the most commonly used log formats is Syslog. Syslog is both a prot_______ and a log form_______. As a prot______, it transports and writes logs. As a log form_______, it contains a header, followed by structured-data, and a message. The Syslog entry includes three sections: a header, structured-data, and a message.

5.

FILL IN THE BLANK QUESTION

1 min • 1 pt

Let's explore another common log format you might encounter as a security analyst. JavaScript Object Notation, more popularly known as JSON, is a text-based format designed to be easy to read and write. It also uses key-value pai____ to structure data.

6.

FILL IN THE BLANK QUESTION

1 min • 1 pt

eXtensible Markup Language, or XML, is a language and a format used for storing and transmitting data. Instead of key-value pairs, it uses ta__________ and other keys to structure data.

7.

FILL IN THE BLANK QUESTION

1 min • 1 pt

Comma Separated Values, or CSV, is a format that uses separators like commas to separate data val_________.
