National Institute of Standards and Technology, Guide to Computer Security Log Management (NIST Special Publication 800-92) (Sept. 2006).

A fundamental problem with log management that occurs in many organizations is effectively balancing a limited quantity of log management resources with a continuous supply of log data. Log generation and storage can be complicated by several factors, including a high number of log sources; inconsistent log content, formats, and timestamps among sources; and increasingly large volumes of log data. Log management also involves protecting the confidentiality, integrity, and availability of logs. Another problem with log management is ensuring that security, system, and network administrators regularly perform effective analysis of log data.

This publication provides guidance for meeting these log management challenges.

