[logs] Re: Log Management - was "What Works in Log Management" webcast

From: todd.glassey@private
Date: Tue Aug 30 2005 - 13:51:42 PDT


I agree with you too - the FASP project if Dr. Tim Polk's wife's (I forget her name)... and Tim is of course one of the chairs of the IETF's PKIX WG. 



--
Regards,
Todd

This message (including any 
attachments) contains confidential 
information intended for a 
specific individual and purpose, 
and is protected by law. If you 
are not the intended recipient, 
you should delete this message. 
Any disclosure, copying, or 
distribution of this message, or 
the taking of any action based on 
it, is strictly prohibited. 


 -------------- Original message ----------------------
From: "Safier, Adam *" <Safier@private>
> I look at FASP as nice samples and education but not standards.  Many
> "standards", requirements and guidelines call for logging and even storage
> duration but I'm not sure I would call that log management.  The FASP for
> audit feels like just a beginning of a policy. Management would include
> policy and actual practices, including design documents specifying what is
> logged.  Not the least would be a operating procedure for reducing the logs
> and the process of reviewing them.  Of course, that is just my opinion.
> 
> Adam
> 
>  
> 
> -----Original Message-----
> From: todd.glassey@private [mailto:todd.glassey@private]
> Sent: Monday, August 29, 2005 5:37 PM
> To: Safier, Adam *; loganalysis@private
> Subject: Re: [logs] Re: "What Works in Log Management" webcast
> 
> 
> 
> Adam - look up FASP at the CSRC NIST security server.
> 
> Todd Glassey
> --
> Regards,
> Todd
> 
> This message (including any 
> attachments) contains confidential 
> information intended for a 
> specific individual and purpose, 
> and is protected by law. If you 
> are not the intended recipient, 
> you should delete this message. 
> Any disclosure, copying, or 
> distribution of this message, or 
> the taking of any action based on 
> it, is strictly prohibited. 
> 
> 
>  -------------- Original message ----------------------
> From: "Safier, Adam *" <Safier@private>
> > I'm not aware of a specific one at the federal standards level. But I
> think
> > I heard that DHS might be starting a best practices group.
> > 
> > Adam
> > 
> > -----Original Message-----
> > From: todd.glassey@private [mailto:todd.glassey@private]
> > Sent: Monday, August 29, 2005 1:49 PM
> > To: Safier, Adam *; loganalysis@private
> > Subject: Re: [logs] "What Works in Log Management" webcast
> > 
> > 
> > Adam - is there a FISP (Federal Information Security practice) for log
> > management within the US Government?
> > 
> > T.
> > 
> > --
> > Regards,
> > Todd


_______________________________________________
LogAnalysis mailing list
LogAnalysis@private
http://lists.shmoo.com/mailman/listinfo/loganalysis



This archive was generated by hypermail 2.1.3 : Wed Aug 31 2005 - 21:35:35 PDT