US-CERT – CRR Supplemental Resource Guide, Volume 5: Incident Management

NIST SP 800-53: IR–4(3) Incident Handling

DNSstuff – 10 Best Free and Open-Source SIEM Tools

Kroll – It’s Not If But When: How to Build Your Cyber Incident Response Plan

Logwatch

TechTarget – Security Log Management and Logging Best Practices

SANS – Information Logging Standard

Norfolk State University – Audit Review, Analysis, and Reporting Policy

NIST SP 800-92 Guide to Computer Security Log Management

SANS Whitepaper – Log Management Strategies