The IT Law Wiki


Log management is the process for generating, transmitting, storing, analyzing, and disposing of log data. Log management is essential to ensuring that computer security records are stored in sufficient detail for an appropriate period of time.


Routine log analysis is beneficial for identifying security incidents, policy violations, fraudulent activity, and operational problems. Shutting down the system if it is unable to log a security event helps to ensure that an administrator will review the log and correct the problem in order to recover the system for the user.