NIST - SP 800-92, Guide to Computer Security Log Management.
21.04.2006Many logs within an organization may contain records related to computer security events. Organizations are facing larger quantities, volumes, and varieties of computer security logs, and also need to address requirements to analyze and retain certain logs to comply with Federal legislation and regulations, including FISMA, HIPAA, the Sarbanes-Oxley Act of 2002, and the Gramm-Leach-Bliley Act. As a result, many organizations have a greater need for computer security log management--the process for generating, transmitting, storing, analyzing, and disposing of computer security log data. Log management assists in ensuring that computer security records are stored in sufficient detail for an appropriate period of time.
This document provides detailed information on developing, implementing, and maintaining effective log management practices throughout an enterprise. It includes guidance on establishing a centralized log management infrastructure, which includes hardware, software, networks, and media. It also discusses the log management processes that should be put in place at an organization-wide level, including the definition of roles and responsibilities, the creation of feasible logging policies, and the division of responsibilities between system-level and organization-level administrators. Guidance is also provided on log management at the individual system level, such as configuring log generating sources, supporting logging operations, performing log data analysis, and managing long-term data storage.
Zdroj: http://csrc.ncsl.nist.gov/publications/drafts/DRAFT-SP800-92.pdfAutor: JP
Heuristické vyhledání souvisejících článků v archívu NEWS
Pozor - není zdaleka přesné a výsledek je bez záruky...
Chcete-li článek obsahující konkrétní termín - pou·ijte funkci
vyhledávání !
