Could anyone recommend a book, site, tutorial, or article that would help me in reading
logs and analyzing them? I currently know Snort fairly well, and I know how to write basic
rules, but reading the hex logs has always been a struggle. I have some intermediate
understanding of TCP/IP as well. I was able to answer all the questions from the honeynet
challenge (for beginners), although I did not notice the decoy servers.
Help is deeply appreciated; a sample file for beginners would also be helpful.

Thank you