Given that I am closely involved in a log management business, I sometimes have those moments that I see logs everywhere. But guess what? Logs are everywhere! From a server under your desk to satellites to ship systems to personal electronics to telecom equipment to building control systems - logs are indeed omnipresent.
And, at present, such logs are never looked at. How often do you - or, even worse, a typical computer user - look at your Windows (Linux?) workstation logs? I am guessing: when something goes wrong. It is pretty much the same for most of the above logs. And that is how it always was - from the olde times of "The Cuckoo Egg" (and probably even from the times of the ENIAC) to today.
But - and here is the point! - it is changing now. My natural flow of log management shows us that people start looking at common firewalls and servers before they look at operational logs from, say, an elevator in their building, such log sources are out there. However, the time when people will start looking at most of the above logs - and not only after a problem rears its ugly head - is coming ...
Yes, I am being somewhat philosophical here at 21,456 ft, flying back from DoD Cybercrime 2007...
