We kicked off this chapter with an OSI model refresher, and since we covered basic network forensics scenarios in the previous chapter, we shifted our focus toward log-based analysis. We looked at a variety of log structures and learned about how we can parse them by making use of various types of software analyzers. We explored application-server logs, database logs, firewall logs, proxy server logs, and IDS logs. We also made use of the strategies learned in this chapter to solve the case study. We are now prepped with the basics of network forensics, and soon we'll dive into the advanced concepts.