System logs generated by servers and various other network apparatus can create data in vast quantities, and sooner or later, attempts at managing such information in an off-the-cuff fashion are no longer viable.

Consequently, information systems managers are tasked with devising strategies for taming these volumes of log data to remain compliant with company IT policy, and also to gain holistic visibility across all IT systems deployed throughout the organization. With a tad of guidance and a bit of planning, the recipe for log management is actually straightforward, and the rewards are surprisingly favorable.

What is log management?

First and foremost, a definition of log management is in order. The National Institute of Standards and Technology (NIST) defines log management in Special Publication SP800-92 as: "the process for generating, transmitting, storing, analyzing, and disposing of computer security log data." You probably knew that much already, so what does log management really entail? Put simply, log management is defining what you need to log, how to log it, and how long to retain the information. This ultimately translates into requirements for hardware, software, and of course, policies.

The link for this article located at CSO Online is no longer available.