University of California Berkeley – Security Audit Logging Guideline 3.3 3.3.1 3.3.3 Audit and Accountability
This guideline describes the risk of inadequate logging, defines events to be logged and establishes a case for using an automated tool for log review.