You are the company's CISO and need to create a logging policy. See NIST SP 800-92, especially sections 4-3 to 4-7. Consider the various systems on the network and create a logging strategy based on the information in the previous section.
Create a two-page Word document describing the strategy. In this document, be sure to cover, for each device type, log generation, log transfer, log storage and processing, and log analysis.
First, a definition. In Special Publication SP 800-92, the National Institute of Standards and Technology (NIST) defines log management as the "process for generating, transmitting, storing, analyzing, and disposing of computer security log data". What does management really need? In short, a log management policy defines what you need to record, how to record it, and how long to retain it. These decisions are eventually translated into hardware, software, and, of course, policy requirements.
NIST SP 800-92 begins with basic information on computer security logs, the usefulness of these logs, and the challenges of managing them. The guide then covers the components of a log management infrastructure (the hardware, software, networks, and media used to generate, transfer, store, analyze, and dispose of log data), a planning process that lets organizations run log management practices consistently and reliably, and the operational processes that help organizations manage logs successfully. The appendices contain a glossary of terms that help you understand and implement log management within your organization, a list of abbreviations, and a comprehensive list of tools and resources, both print and online. NIST SP 800-92 is available from the NIST web site.