I spend a lot of time using R, the programming language and software environment for statistical computing and graphics. It's incredibly useful for visualization and analysis, consider Data-Driven Security as a great starting point and reference, along with this article, if you're further interested.
One of my recent discoveries (I'm new to R use, a terrible programmer and a worse statistician), is the use of system to invoke the OS command specified. As an example, I love Log Parser and often use it to parse or write out log events to CSV. Once in CSV they can be transformed and analyzed further in so many ways. One of the great things about R is the ability to ingest CSV and apply statical or visual methods to the data. With system, in two lines I can call Log Parser, pull the Windows security event log, write it to CSV, and create a data frame out of it that I can then do any number of other cool things with. Note: to pull the Windows security event log you need to be running with elevated privilege and need to run R as admin for this example scenario.
Set a working directory: setwd("D:/coding/R/EventVizWork")
Read the results into a data frame: secevtlog <- read.csv("security.csv")
Tomorrow I'll show you what we can do with it. :-)
Jul 31st 2015
|Thread locked Subscribe||
Jul 31st 2015
6 years ago