[logs] Re: on database logging

From: Marcus J. Ranum (mjr@private)
Date: Wed Mar 21 2007 - 10:25:02 PST

Anton Chuvakin wrote:
>Ouch, how about security? I guess we are dealing with some case of
>mental inertia here

All the current trend toward legislating compliance has
accomplished is setting the bar very low, and encouraging
companies to look only at meeting that standard. I've had
senior IT managers tell me "We are going to do the exact
minimum, wherever possible."

In log analysis terms, that means that the logs to to a big
bucket which is periodically dumped into the compost
heap. Nobody'll look in the bucket until someone passes
legislation requiring people to LOOK at it. And, of course,
when that happens, they'll do the exact minimum, &c...


LogAnalysis mailing list

This archive was generated by hypermail 2.1.3 : Wed Mar 21 2007 - 18:51:56 PST