Spears Legal Technology


This blog is a resource guide for informational purposes only, and not the delivery of legal, technical or other professional advice. Using the information provided on this blog does not constitute an attorney-client relationship. If you need legal advice, please consult your lawyer.

SANS: The 6 Categories of Critical Log Information

To the network admins out there: Here’s a document from the esteemed Dr. Anton Chuvakin that is definitely worth looking at.

The document linked in the article can be used to figure out what to log, what to report on and what reports to review for various purposes. At its center are these top log report categories:

  1. Authentication and Authorization Reports
  2. Systems and Data Change Reports
  3. Network Activity Reports
  4. Resource Access Reports
  5. Malware Activity Reports
  6. Failure and Critical Error Reports
