Creating a Log Retention Policy

From: Matt Ruzicka (matt_at_frii.com)
Date: 08/23/05

  • Next message: Julian H. Stacey: "Re: Creating a Log Retention Policy" 
    Date: Mon, 22 Aug 2005 16:38:43 -0600 (MDT)
To: freebsd-isp@freebsd.org

    Last year I attended a session at USENIX on system logging in which the
    instructor (Marcus Ranum) discussed the importance of having a clearly
    defined (and enforced) log retention policy. From what I remember of this
    portion of the lecture (the slides and my notes are lacking in details) he
    stressed that this policy would help significantly in the case of
    litigation, but it obviously would also give a solid policy for defining
    expectations and maintaining consistency between servers.

    A year later (*cough, cough*) I've started to compile ideas for this
    policy, but am having a bit of trouble finding good guidelines to follow.

    I was wondering if others currently had a clearly defined log retention
    policy for their organization and, if so, how they went about creating it?

    Thanks in advance for any feedback.

    Matthew Ruzicka - Systems Administrator
    Front Range Internet, Inc.
    matt@frii.net - (970) 212-0728

    Got SPAM? Take back your email with MailArmory. http://www.MailArmory.com
    _______________________________________________
    freebsd-isp@freebsd.org mailing list
    http://lists.freebsd.org/mailman/listinfo/freebsd-isp
    To unsubscribe, send any mail to "freebsd-isp-unsubscribe@freebsd.org"

  • Next message: Julian H. Stacey: "Re: Creating a Log Retention Policy"