‘Anonymous’ email from Hotmail
The board received email from Hotmail that another person received an increase and a higher position due to the fact that he was management favorite and not the right person. Numerous allegations which contravened the ‘Acceptable Use’ policy were in the email. The problem with external email such as Hotmail, GMail, Yahoo, and Outlook is that you cannot obtain information from the said webmail service providers.
Consolidate logs from disparate resources and develop an application to analyse the consolidated logs. A breakthrough was attained analyzing the web logs via the proxy and finding a PUT statement in the W3C logs to Hotmail around the time of the header of the email. The user was identified and challenged with the information and he confessed.
- Log and event file formats