Oh sure, the phrase "log file" sounds innocent, but those are probably two of the most significant and under appreciated pair of words in technology lexicon. Logs are valuable and useful for:
- Troubleshooting and debugging
- Security event detection
- System and Hardware event detection
- Tracking and validating performance of a variety of things, from people to systems
- Forensic analysis of problems and security events
Examples of common log files include: Web server logs Windows Event, Application and Security logs Application specific logs, Database logs. The problem with log files is that they are often a bit cryptic, and full of useless information as well. So they tend to be out of sight, out of mind. Therefore, today I wanted to speak out for log files everywhere.
- Inventory your log files a. Where are they b. What’s in them
- Protect your log files a. Control who has access to them b. Archive them securely
- Talk to your developers and find out what they are logging. For example, user names and passwords should not be written to log files.
- Learn what your compliance and regulatory requirements have to say about log file management. Many standards require a very structured process for log file management.
- Consider a log management tool to automate this process. As your organization grows, there will become simply too much data in too many logs for you manage without a tool and it will be too valuable to simply ignore.
A log management strategy is important for cloud users as well. If your cloud provider uses any client side applications, chances are they are writing logs or have the ability to write logs, perhaps locally to the desktop. The cloud provider will have logs. Make sure that the cloud provider is taking steps to protect that data. At inContact, security is of singular importance, and log file management is an important aspect of our overall security process.