Readers of my blog will certainly be aware of the importance I place on the collection and handling of system logs. These logs contain critical data related to what is happening to your systems and networks that is not readily obvious, not the least of which are indicators that your network is being probed by potential hackers. 

Proper log collection and review is part of every major security standard in existence. As an example, PCI DSS requirement 10 addresses various aspects of logging. Section 10.6 states “Review logs and security events for all system components to identify anomalies or suspicious activity.” 

To read this article in full or to leave a comment, please click here