LogBlog

Compliance, security take managing log data to next level

Pete Boergermann and Alan Paller provide plenty of insights into log management in this piece in TechTarget...

Prior to the PCI auditors' questions, log data in Boergermann's organization was self-contained on individual devices. There was no central repository.

"You basically had to log into each one of those devices yourself and look at the information stored there," Boergermann said. "It would take hours to gather the data. And the quality -- it was in raw format. We got a ridiculous amount of paper. Who has time to look at this stuff? It wasn't getting reviewed as well as it should have."

The SANS Institute study found that 63% of those polled who said they used log data-tracking technology were dissatisfied with it.

"For the most part, there are three things that seem to drive people crazy," said Alan Paller, director of research at The SANS Institute. "One is speed: It takes too long. Two is getting data into the system when it is not standard, and the conflicts that generates with system administrators. And three is the reporting."

It's also a question of support -- who will do it?

"It's time-consuming," Boergermann said. "And reviewing logs is something you can't turn over to a PC technician or help desk person. You need someone at the engineering level, so now you're tying someone up at a higher pay grade. And the sheer volume of information is overwhelming."

Posted July 10, 2007

