Having worked with log management and SIEM (Security Information and Event Management) for several years, I have learned how critical it is to create a log collection plan and determine what you need from your logs.
Whether you’re a dedicated Security Engineer, a Network Architect, or a System Admin, collecting logs is a crucial part of any successful security strategy.
Log management really boils down to one question: which logs should you collect? To answer this question, here are some questions that I recommend asking as well as other best practice recommendations:
Logs contain tons of useful information. When collected properly, they can help you improve security and quickly resolve network and systems issues. Creating a logging plan before you set up your log collection process can be the difference between long hours of digging through useless data and quickly finding what you need.