Just FYI, Raffy is doing his class on logs and visualization at Source 2009. Sadly, I will miss it, but you should not :-)
"LOG ANALYSIS AND SECURITY VISUALIZATION
Have you noticed that your networks are becoming ever more complex? Isn't the task of securing your network ever more difficult? Have you tried to apply visualization to get better insights into your environment? Using today's data visualization techniques, you can gain a far deeper understanding of what's happening on your network right now. You can uncover hidden patterns of data, identify emerging vulnerabilities and attacks, and respond decisively with countermeasures that are far more likely to succeed than conventional methods.
What You Will Learn In This Training:
The goals is for the students to leave this class with the knowledge to visualize and manage their own IT data. They will learn the basics of log analysis, learn about common data sources, get an overview of visualization techniques, and learn how to generate visual representations of IT data for a number of different use-cases from DoS and worm detection to compliance reporting. The training is filled with hands-on exercises utilizing the DAVIX live CD."
Go here for more details and to sign up now.