Audit and trace log management : consolidation and analysis (2006)
- Record Type:
- Book
- Title:
- Audit and trace log management : consolidation and analysis (2006)
- Main Title:
- Audit and trace log management : consolidation and analysis
- Further Information:
- Note: Phillip Q. Maier.
- Other Names:
- Maier, Phillip Q
- Contents:
- Introduction to Audit Logging; The “Why” of Consolidated Audit Logging; Taking Stock, What Is in Place Today; What Forms or Levels of Logging Do You Currently Perform on This Device?; What Is the Volume, Amount of Data Collected in One 24-Hour Period?; What Is Your Retention Period; That Is, How Long Do You Keep Retrievable Logs?; What Are the Formats for This Retention? 30 Days Online, 30 Days Tape, 3 Months CD?; What Is the “Write per Second” Timeframe? How Many Records per Second Are Generated and Logged?; Where Are the Logs Stored Today (Locally on the Box, Locally on a Nearby Server, or Remotely)?; If Stored Externally, How Are They Transported to the External Store (Syslog, FTP, Other)?; Is There a Separate Physical Interface over Which the Logs Are Distributed Out of the Box?; What Are the Access Control Mechanisms over Access to the Stored Logs?; Who Reviews the Logs? At What Frequency?; What Is the Data Classification of This Log Data (Company Secret, Confidential, Internal Use)?; Is There a Log Reporting System? How Are the Logs Accessed and Viewed? How Many People in the Organization Are Required to Have Access to These Logs?; What Is the Nature of the Reviews: Are Keywords Searched, Summaries, or Just High-Level Eyeing of the Log Data?; Are There Additional Log Review, Storage, or Analysis Capabilities That You Would Like to Have over This Log Data? If So, What Are They?; The Completed Survey; Deciding What to Capture and How to Do It; Requirements Gathering for Whole Log Capture; The Normalization Process; Setting Up Correlation Rules, Putting Your Assembled Infrastructure to Work; Security Event Management, Generating Reports from Your System; Security Event and Incident Management and Reporting; Security Alert Management (SAM); Setting Security Alert Levels and Escalation Processes; Security Operations Center (SOC) Reporting; The Escalation Process; Level 1 Alerts; Management Reporting; Pulling It All Together and Making Your Case; Justifying Your System for Forensic Analysis; Gaining Buy-In for Your System; Future Implementation Strategies and Value-Added Components …
- Publisher Details:
- Boca Raton, FL : Auerbach Publications
- Publication Date:
- 2006
- Extent:
- 1 online resource (xiii, 171 pages), illustrations
- Subjects:
- 005.8
Computer networks -- Security measures
Application logging (Computer science)
Computer Communication Networks
Computer security
COMPUTERS -- Security -- Networking
Electronic information resources
Electronic books
- Languages:
- English
- ISBNs:
- 9780203491768
0203491769
- Related ISBNs:
- 0849327253
9780849327254
- Notes:
- Note: Includes bibliographical references and index.
Note: Print version record.
- Access Rights:
- Legal Deposit; Only available on premises controlled by the deposit library and to one user at any one time; The Legal Deposit Libraries (Non-Print Works) Regulations (UK).
- Access Usage:
- Restricted: Printing from this resource is governed by The Legal Deposit Libraries (Non-Print Works) Regulations (UK) and UK copyright law currently in force.
- View Content:
- Available online (eLD content is only available in our Reading Rooms)
- Physical Locations:
- British Library HMNTS - ELD.DS.155381
- Ingest File:
- 01_047.xml