I look at FASP as nice samples and education but not standards. Many "standards", requirements and guidelines call for logging and even storage duration but I'm not sure I would call that log management. The FASP for audit feels like just a beginning of a policy. Management would include policy and actual practices, including design documents specifying what is logged. Not the least would be a operating procedure for reducing the logs and the process of reviewing them. Of course, that is just my opinion. Adam -----Original Message----- From: todd.glassey@private [mailto:todd.glassey@private] Sent: Monday, August 29, 2005 5:37 PM To: Safier, Adam *; loganalysis@private Subject: Re: [logs] Re: "What Works in Log Management" webcast Adam - look up FASP at the CSRC NIST security server. Todd Glassey -- Regards, Todd This message (including any attachments) contains confidential information intended for a specific individual and purpose, and is protected by law. If you are not the intended recipient, you should delete this message. Any disclosure, copying, or distribution of this message, or the taking of any action based on it, is strictly prohibited. -------------- Original message ---------------------- From: "Safier, Adam *" <Safier@private> > I'm not aware of a specific one at the federal standards level. But I think > I heard that DHS might be starting a best practices group. > > Adam > > -----Original Message----- > From: todd.glassey@private [mailto:todd.glassey@private] > Sent: Monday, August 29, 2005 1:49 PM > To: Safier, Adam *; loganalysis@private > Subject: Re: [logs] "What Works in Log Management" webcast > > > Adam - is there a FISP (Federal Information Security practice) for log > management within the US Government? > > T. > > -- > Regards, > Todd _______________________________________________ LogAnalysis mailing list LogAnalysis@private http://lists.shmoo.com/mailman/listinfo/loganalysis
This archive was generated by hypermail 2.1.3 : Wed Aug 31 2005 - 21:32:55 PDT