I can tell it's a good book, however, not friendly to beginners. Very early on in the book it states that it doesn't teach networking basics. Should've known better, but definitely not downgrading the book! Just a personal mistake that I made and I don't want you to do the same!
The good: Applied NSM is a good book to read to learn about this topic. The author knows his stuff, and he's a pretty good teacher. Technical terms are defined before they're used, so you won't get lost. Everything is approached step-by-step, you won't run into the Draw An Owl Meme (google it) problem. Also the text is comprehensive, important topics are not left out.
Who the book is written for: I'm a network administrator with over a decade of experience, I manage a decent-sized network by myself, and wanted more knowledge about this area of network security. The book is more aimed at, "I have a beginner's level knowledge of networks and I want to get hired somewhere where my job title is 'Network Security Analyst'." So the explanations are woven with the thread of a team in mind, but not in a way that detracts from your ability to learn if you're a lone wolf.
The bad: I wish I could give the book 4.5 stars. The only problem I ran into is that for my taste, which is borne out of decades of reading technical documentation, the author is a bit long-winded. It's not terse enough. Explanations that could be offered in one short sentence are drawn out into a paragraph. I suppose this is good if you're a complete beginner, but it made the text a bit of a slog for me, and I found myself skipping first paragraphs and then pages.
For example, suppose I wanted to communicate to you this brief and technical point: "The lsof command prints a list of open files, the -i argument lists network connections." The author would render that into this:
"Various commands are able to display the current status of the computer. From time to time, users may want the ability to view which files on the computer are open and which files are not. Fortunately, the computer provides a tool that is able to do this. If you want to view open files on the computer, for example, you can use the lsof command, which is typed into your terminal. The lsof command provides various options as well in order to change its output. For example, -i is one of the available options. -i allows lsof to view the activity of the network interface in the form of active and listening connections."
Overall, though, if you're a beginner and you want knowledge on this topic, this book will give it to you.
Most enterprises split (as covered in the book) NSM into tiers up to three. This book will assist anyone just getting in the field and help with foundational processes to unlock tier 2. Coverage of monitoring tools is spot on and does a decent job of proposing monitoring strategies. The book recommends good habits such as keeping an analyst journal and takes the perspective of an operator in the trenches.
Would have liked to read about some novel approaches that leverage monitoring, or techniques to automate the most routine tasks, but overall the book is an excellent desktop reference and guidance to NSM by analysts, for analysts.