log management

Log management is a collective process and strategy for managing and promoting the generation, transfer, analysis, storage, archiving, and final processing of large amounts of log data created within the information system.

Logs in the computing environment are automatically generated and are time-stamped documents of events related to a particular system. In fact, all software applications and systems generate log files.

Effective log management is important for security and compliance. Monitoring, recording, and analyzing system events is an important part of Security Intelligence (SI). In compliance with the regulations, the HIPPA, Gramm-Leach-Bliley method, and Sarbanes-Oxley Act have specific tasks related to the audit log.

Log management software automates many relevant processes. For example, Event Log Manager (ELM) keeps track of changes in the organization's IT infrastructure. These changes are reflected in the audit trail that must be generated for compliance audits.

Effective and efficient log management process: * Establish policies and procedures for log management. Organizations need to develop a standard process for performing log management. Logging requirements and goals need to be defined during the planning process. Based on these goals and requirements, organizations can clearly define mandatory requirements and create policies that recommend log management activities, including log generation, transmission, storage, analysis, and disposal. Organizations must also ensure that relevant policies and procedures, including log management requirements and recommendations, support them. Organization administrators shall provide the necessary support for work related to log management plans, strategies and program development. Policies and procedures help ensure a consistent approach and implementation of legal and regulatory requirements across the organization.

We will provide appropriate support for all employees responsible for log management. When defining log management solutions, organizations must ensure that relevant personnel are provided with the necessary training regarding log management responsibilities and skills to support the resources required for log management. Support includes providing log management tools and tool documents, providing technical guidance on log management activities, and providing information to log administrators.

The basic problem of log management occurring in many organizations is to effectively balance a limited number of log management resources and ongoing log data provisioning. Log generation and storage can be complicated by a variety of factors such as many log sources, log content between sources, format, timestamp, etc., the amount of log data is increasing. Log management also includes protection of log confidentiality, integrity, and availability. Another problem with log management is security. System administrators and network administrators periodically analyze log data. This publication provides guidance to solve these log management issues.