Social Network Visualization Based on Security LogsPosted: December 15, 2010 | |
I have been experimenting with security logs and data visualization for the past few months. I am using Tableau 6.0 as the visualization tool and email server log files as the data source (Spector360). The problem with illustrating a social network is in calculating the geocodes for the network nodes. This is usually done using force algorithms, which are typically research by university programs and not embedded into commercial visualization tools.
After countless hours of research and some mathematical maneuvering I managed to calculate geocodes for internal email aliases and all external parties that had either sent to or received from an internal alias. I then merged geocodes and path data with email logs and uploaded them into Tableau.
The beauty of Spector360 log files is that they really have every key stroke. Some time ago Google announced how they could predict spread of the N1H1 epidemic based on search data. Well now it is possible to do the same within a corporation, but not limited only to web filter logs.
My next project will be to merge IM and Chat logs to the emails logs. I also intend to bring in web logs so that they can be visually searched, as a function of the email/IM/chat based social linkages.