Search icon CANCEL
Subscription
0
Cart icon
Your Cart (0 item)
Close icon
You have no products in your basket yet
Arrow left icon
Explore Products
Best Sellers
New Releases
Books
Videos
Audiobooks
Learning Hub
Free Learning
Arrow right icon
Arrow up icon
GO TO TOP
Big Data Forensics: Learning Hadoop Investigations

You're reading from   Big Data Forensics: Learning Hadoop Investigations Perform forensic investigations on Hadoop clusters with cutting-edge tools and techniques

Arrow left icon
Product type Paperback
Published in Aug 2015
Publisher
ISBN-13 9781785288104
Length 264 pages
Edition 1st Edition
Languages
Tools
Concepts
Arrow right icon
Toc

Identifying evidence

Identifying evidence is a complex process. It involves surveying a set of possible sources of evidence and determining which sources warrant collection. Data in any organization's systems is rarely well organized or documented. Investigators will need to take a set of investigation requirements and determine which data needs to be collected. This requires the following steps:

  • Properly reviewing system and data documentation
  • Interviewing staff
  • Locating backup and noncentralized data repositories
  • Previewing data

The process of identifying Big Data evidence is made difficult by the large volume of data, distributed filesystem, the numerous types of data, and the potential for large-scale redundancy in evidence.

Big Data solutions are also unique since evidence can reside in different layers within it. Within Hadoop, evidence can take on multiple forms, as described in Chapter 2, Understanding Hadoop Internals and Architecture. To properly identify the evidence in Hadoop...

lock icon The rest of the chapter is locked
Register for a free Packt account to unlock a world of extra content!
A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.
Unlock this book and the full library FREE for 7 days
Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of
Renews at $19.99/month. Cancel anytime
Banner background image