Educause Security Discussion mailing list archives
Log Review Duties
From: Robertwenrm <robertwenrm () YAHOO COM>
Date: Tue, 8 Jun 2010 09:20:09 -0700
We are reviewing our log management procedures.Duties for log reviews has become an issue since we don't have a Security Center Operations and these tasks of log reviewing had traditionally been done by separate areas. That is to say : networkin dept. review firewall and router logs, datacenter operations review server logs, internal development review application logs,etc. Would this be a compelling reason to have one already? In adittion, we also are evaluating a SIEM solution because of the way these tasks had been operated. Any advice as for how log review duties should be assigned? should we centralize this and other security operations? Thanks
Current thread:
- Log Review Duties Robertwenrm (Jun 08)