Alot of people don't put this in writing, which actually should be written up, as a policy, and followed to the write up and the management should enforce it. Most organizations will have them offsite, and some others on main site for a duration specified on their policies, most likely rotated in two weeks or three depending on the policy. ./Chuks On Mon, May 18, 2009 at 11:32 AM, Eric Mugo <kabugum@gmail.com> wrote:
Hi,
Hope you are all well. From your experience out there with SME's and even Corporate/Bluechip Organizations and Governement, what would you say on average is their Log Retention Policy. A few direct questions would be
1. How long do they retain their logs? 2. How do the do it i.e Centralized or Decentralized? 3. If centralized what solutions do they use? 4. Any Open Source solution out there that has powerful Reporting Capabilities? 5. Do Financial Institutions have Strong Log Retention Policies regulated through Central Bank
Regards, Eric Mugo.
_______________________________________________ Skunkworks mailing list Skunkworks@lists.my.co.ke http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks Other services @ http://my.co.ke Other lists ------------- Skunkworks announce: http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks-announce Science - http://lists.my.co.ke/cgi-bin/mailman/listinfo/science kazi - http://lists.my.co.ke/cgi-bin/mailman/admin/kazi/general
-- -- Gichuki John Ndirangu, C.E.H , C.P.T.P, O.S.C.P I.T Security Analyst and Penetration Tester infosigmer@inbox.com {FORUM}http://lists.my.co.ke/pipermail/security/ http://nspkenya.blogspot.com/ http://chuksjonia.blogspot.com/ http://www.kamongo.co.ke/