Guide to Computer Security Log Management

1.6 MB | 3 files |  DOC, PDF

Your admins need to more than just collect security logs -- they need to secure that data and continually monitor it for anomalies and risk. This document will give your team guidance on setting up proper procedures.

A log is a record of the events occurring within an organization's systems and networks. Logs are composed of log entries; each entry contains information related to a specific event that has occurred within a system or network. Many logs within an organization contain records related to computer security. These computer security logs are generated by many sources, including security software, such as antivirus software, firewalls, and intrusion detection and prevention systems; operating systems on servers, workstations, and networking equipment; and applications.

The number, volume, and variety of computer security logs have increased greatly, which has created the need for computer security log management — the process for generating, transmitting, storing, analyzing, and disposing of computer security log data. Log management is essential to ensuring that computer security records are stored in sufficient detail for an appropriate period of time. Routine log analysis is beneficial for identifying security incidents, policy violations, fraudulent activity, and operational problems. Logs are also useful when performing auditing and forensic analysis, supporting internal investigations, establishing baselines, and identifying operational trends and long-term problems. Organizations also may store and analyze certain logs to comply with Federal legislation and regulations, including the Federal Information Security Management Act of 2002 (FISMA), the Health Insurance Portability and Accountability Act of 1996 (HIPAA), the Sarbanes-Oxley Act of 2002 (SOX), the Gramm-Leach-Bliley Act (GLBA), and the Payment Card Industry Data Security Standard (PCI DSS).

A fundamental problem with log management that occurs in many organizations is effectively balancing a limited quantity of log management resources with a continuous supply of log data. Log generation and storage can be complicated by several factors, including a high number of log sources; inconsistent log content, formats, and timestamps among sources; and increasingly large volumes of log data. Log management also involves protecting the confidentiality, integrity, and availability of logs. Another problem with log management is ensuring that security, system, and network administrators regularly perform effective analysis of log data. This publication provides guidance for meeting these log management challenges.

Included in this ZIP file are:

  • Cover sheet and terms.pdf
  • Guide to Computer Security Log Management.pdf
  • Intro page.pdf
IT Downloads help you save time and money while executing essential IT management tasks. Download this useful resource now and put it to work for your business.

This Download is provided by:

Partner logo

NIST is a non-regulatory federal agency within the U.S. Department of Commerce. NIST's mission is to promote U.S. innovation and industrial competitiveness by advancing measurement science, standards and technology in ways that enhance economic security and improve our quality of life.

All IT Downloads from National Institute of Standards and Technology» | Visit National Institute of Standards and Technology »
Related IT Downloads

IT_Man77 Job Description: Technology Project Manager

Whether you're looking to hire one or looking for a position yourself, use this detailed job description to find out what the role of a Technology Project Manager entails. ...  More >>

Strategy2.jpg Case Studies in Strategic Planning

Chapter 1 delves into the first four stages of systematic strategic planning, including clarifying current conditions, identifying competitive advantages, defining opportunities and developing strategies. ...  More >>

Infra81.jpg Software Quality Assurance: Integrating Testing, Security, and Audit

This excerpt focuses on the conceptual aspects of defect management, including the basic concepts of a defect, how to manage defects, and an analysis of the root causes of defects. ...  More >>

Subscribe to our Newsletters

Sign up now and get the best business technology insights direct to your inbox.