If you purchase a log management or SIEM tool, you might sit back with the conclusion that all your system audit and compliance problems are solved. Unfortunately, this rosy picture seems to ignore the ever-present problem of blind spots in audit reports: if your apps don't log it, your audit report won't show it...
There are several scenarios of where the blind spots occur. For example, basic system administrator activities, such as firewall or web-server configuration all include a potentially high security risk for companies. We might think that these activities should generate sufficient log entries, but in actuality they do not.
This document aims at briefly demonstrating the technological and business processes that led to the revaluation of log information to such an extent that its collection and procession has become one of the most essential tasks of contemporary corporate IT.
Furthermore, we attempt to identify those critical points of a central logging management project that determine its success the most. We hope that taking our six pieces of advice relating to these six points will substantially contribute to the successful professional activities of our readers.Download white paper »