Security Basics mailing list archives
Log Management Policy and Procedures
From: "Bob Dienhart" <bob () alt-tab cc>
Date: Fri, 21 Jul 2006 10:41:51 -0500
(Note: cross posted to both LogAnalysis and SecurityBasics forums) We are working up to implementing a centralized log management system. The NIST paper "Guide to Computer Security Log Management" (800-92) discusses the need for a Log Management Policy and related procedures. Does anyone in the community have a Log Management policy and perhaps even a set of procedures that I could use as a jump start for drafting something suitable for this organization? We are part of a City government with about 400 desktops, 30 servers, and a small IT staff. I have looked for sample policies on the web but have not found anything to date. I will continue looking but if you know of any useful links, those would be helpful, too. The email address for sending a policy I can plagiarize a bit is: b o b d "at" h a c m . o r g. Thanks. BobD MCSE, GSEC --------------------------------------------------------------------------- This list is sponsored by: Norwich University EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE The NSA has designated Norwich University a center of Academic Excellence in Information Security. Our program offers unparalleled Infosec management education and the case study affords you unmatched consulting experience. Using interactive e-Learning technology, you can earn this esteemed degree, without disrupting your career or home life. http://www.msia.norwich.edu/secfocus ---------------------------------------------------------------------------
Current thread:
- Log Management Policy and Procedures Bob Dienhart (Jul 21)