I recently got a call from a client, they had an outage that required a firewall reboot, but couldn’t give me an exact clock time. They were looking for anything in the logs just prior to that reboot that might indicate a carrier issue, as they had experienced a few outages like this recently.
Article Link: InfoSec Handlers Diary Blog - SANS Internet Storm Center