Network Security Library

Archiving Event Logs


By: Jim Stansbury, 04/15/2004



The objective of this paper is to explain why it is necessary to archive, or save, event logs and to provide guidance about archiving event logs. In the context of this discussion, event logs are generally computer-generated records of a system's internal activity. The systems generating the event logs can be network devices, such as routers and firewalls, and computer systems using various operating systems, such as UNIX, Linux, and Microsoft Windows. The event logs from these network devices and computer systems can be very detailed and sometimes cryptic to the human reader. For example, they may contain a record of each packet a firewall either allowed to pass or dropped and detailed records of an operating system's internal processes. The logs can also indicate who logged on and off a system and what system resources a user accessed.


Unless otherwise noted, all paper copyrights are owned by the author. The rest copyright 2003-2005 TechTarget
