Currently, we have been charged with auditing/reviewing the Router logs for our network. I was given READ access to them, and I can browse the logs. However, I do not know what I am looking for as far as ‘malicious’ activity. Can some one pls advise what is important to check in these router logs. (We have Cisco routers) Thanx. /RayM.
