Open Web Application Security Project (OWASP) – Logging Cheat Sheet OWASP 3.3 3.3.1 Audit and Accountability
This cheat sheet covers all of the important aspects of logging such as what to include and how long to retain among others.
This cheat sheet covers all of the important aspects of logging such as what to include and how long to retain among others.
This blog discusses the biggest IT security threat facing companies today, their authorized users.
This policy from SANS helps identify requirements that must be met by a system to generate logs.
SANS checklist for reviewing critical logs when responding to a security incident or for routine log review.
This SANS whitepaper offers common elements to success for log management, in order to prepare for regulatory compliance audits.
Best practices for Windows Auditing Log monitoring and different types of windows audit logs
Learn how to conduct security log management that provides visibility into IT infrastructure activities and traffic, improves troubleshooting and prevents service disruptions.
This policy provides an example of events surrounding confidential or restricted information that are typically logged. While this example is for health information, the log requirements would apply to other restricted information as well. The policy includes a description of log reviews.
This guideline describes the risk of inadequate logging, defines events to be logged and establishes a case for using an automated tool for log review.
US-CERT resource that provides information on how to create, test and improve an Incident Management plan.