[logs] Log Management - was "What Works in Log Management" webcast

From: Safier, Adam * (Safier@private)
Date: Tue Aug 30 2005 - 12:10:10 PDT


I look at FASP as nice samples and education but not standards.  Many
"standards", requirements and guidelines call for logging and even storage
duration but I'm not sure I would call that log management.  The FASP for
audit feels like just a beginning of a policy. Management would include
policy and actual practices, including design documents specifying what is
logged.  Not the least would be a operating procedure for reducing the logs
and the process of reviewing them.  Of course, that is just my opinion.

Adam

 

-----Original Message-----
From: todd.glassey@private [mailto:todd.glassey@private]
Sent: Monday, August 29, 2005 5:37 PM
To: Safier, Adam *; loganalysis@private
Subject: Re: [logs] Re: "What Works in Log Management" webcast



Adam - look up FASP at the CSRC NIST security server.

Todd Glassey
--
Regards,
Todd

This message (including any 
attachments) contains confidential 
information intended for a 
specific individual and purpose, 
and is protected by law. If you 
are not the intended recipient, 
you should delete this message. 
Any disclosure, copying, or 
distribution of this message, or 
the taking of any action based on 
it, is strictly prohibited. 


 -------------- Original message ----------------------
From: "Safier, Adam *" <Safier@private>
> I'm not aware of a specific one at the federal standards level. But I
think
> I heard that DHS might be starting a best practices group.
> 
> Adam
> 
> -----Original Message-----
> From: todd.glassey@private [mailto:todd.glassey@private]
> Sent: Monday, August 29, 2005 1:49 PM
> To: Safier, Adam *; loganalysis@private
> Subject: Re: [logs] "What Works in Log Management" webcast
> 
> 
> Adam - is there a FISP (Federal Information Security practice) for log
> management within the US Government?
> 
> T.
> 
> --
> Regards,
> Todd
_______________________________________________
LogAnalysis mailing list
LogAnalysis@private
http://lists.shmoo.com/mailman/listinfo/loganalysis



This archive was generated by hypermail 2.1.3 : Wed Aug 31 2005 - 21:32:55 PDT