<P> Indicator of compromise (IOC)--in computer forensics is an artifact observed on a network or in an operating system that with high confidence indicates a computer intrusion . </P> <P> Typical IOCs are virus signatures and IP addresses, MD5 hashes of malware files or URLs or domain names of botnet command and control servers . After IOCs have been identified in a process of incident response and computer forensics, they can be used for early detection of future attack attempts using intrusion detection systems and antivirus software . </P>

Which is a type of indicator not provided by logging