As said before, system monitoring and usage of network traffic log files are important for gauging baseline performance and observing events. A baseline is used for later comparison, the system or users will compare the baseline to daily network traffic logs for any abnormalities. A log file records all events of daily use of a system, computer, or application. It records basic data, and any possible anomalies such as unknown accounts, devices, or IP addresses accessing the system, remote logins outside of normal time, invalid access attempts to the confidential data, multiple failed login attempts followed by a successful login, etc (Skwarlo, 2019).

Skwarlo, S. (2019, July 16). Cyber Security Baselines and Anomaly Detection. Retrieved October 14, 2020, from https://10dsecurity.com/cyber-security-baselines-anomaly-detection/