30 Bird - Reviewing logs

Overview

Most firewalls and other security appliances generate text-based logs that you can read through manually or feed into a SIEM or other analysis tools. Even if you rely primarily on correlated reports, understanding the information in the raw output will help you distinguish real threats from false positives.