[logs] Re: on database logging

From: Anton Chuvakin (anton@private)
Date: Mon Mar 19 2007 - 08:50:33 PST


> > What's the story? Is database logging hot or not? :-)
>
> Hot, it is not.  Necessary, yes for companies with compliance drivers.
> The reason it is not hot is because it is solely driven by compliance and
> not by any other company requirements.

Ouch, how about security? I guess we are dealing with some case of
mental inertia here. Otherwise, why is it not obvious that for
incident response due to system hacking you look at system logs, and
for incident response due to database or web application hacking you
look ... where DO you look if you don't have the database logs?

So, somebody need to campaign "Database logging: it just isn't only
for auditors anymore" :-)

Best,
-- 
Anton Chuvakin, Ph.D., GCIA, GCIH, GCFA
      http://www.chuvakin.org
  http://chuvakin.blogspot.com
    http://www.info-secure.org
_______________________________________________
LogAnalysis mailing list
LogAnalysis@private
http://lists.shmoo.com/mailman/listinfo/loganalysis



This archive was generated by hypermail 2.1.3 : Wed Mar 21 2007 - 10:16:00 PST