LISTSERV - RECMGMT-L Archives - LISTSERV.IGGURU.US

RECMGMT-L Archives

Records Management

RECMGMT-L@LISTSERV.IGGURU.US

	LISTSERV Archives
	RECMGMT-L Home

	Log In
	Register

	Subscribe or Unsubscribe

	Search Archives

Options:	Use Forum View Use Monospaced Font Show Text Part by Default Show All Mail Headers
Message:	[<< First] [< Prev] [Next >] [Last >>]
Topic:	[<< First] [< Prev] [Next >] [Last >>]
Author:	[<< First] [< Prev] [Next >] [Last >>]

Subject:	Computer Logs
From:	Gary Link <[log in to unmask]>
Reply To:	Records Management Program <[log in to unmask]>
Date:	Thu, 7 Nov 2013 07:45:03 -0500
Content-Type:	text/plain
Parts/Attachments:	text/plain (42 lines)

Many people were out at the ARMA conference last week when I posted this
question, so I'm going to post again now that you're all back:

Computer logs are tricky devils to manage. The exist in applications of
every kind, firewalls, operating systems on servers, workstations and
networking equipment. They have no standard format nor language, and even
their timestamps may vary. Some may not naturally be "retained" as they
are set to a time or volume limitation and so overwrite older entries when
they reach that limit. And so "archiving" applications are needed if you
need to retain them longer. And some create such a volume that only a very
limited retention time is viable or else they would "get out of hand very
quickly."

NIST SP 800-92
http://csrc.nist.gov/publications/nistpubs/800-92/SP800-92.pdf outlines
all of these challenges and has a lot of good information for managing
computer logs.

My question is this: Have any of you dealt comprehensively with the
management computer logs with your IT folks ala NIST SP 800-92, setting
your own policies and processes, probably determining retention periods by
grouping, "archiving" methods, etc.? And would you care to share you
lessons learned, insights, etc.? (Not asking for the details of your
program, which may be non-public information.)

Thanks in advance,
Gary Link
Pittsburgh, PA
[log in to unmask]

The contents of this email are the property of PNC. If it was not addressed to you, you have no legal right to read it. If you think you received it in error, please notify the sender. Do not forward or copy without permission of the sender. This message may contain an advertisement of a product or service and thus may constitute a commercial electronic mail message under US Law. The postal address for PNC is 249 Fifth Avenue, Pittsburgh, PA 15222. If you do not wish to receive any additional advertising or promotional messages from PNC at this e-mail address, click here to unsubscribe. https://pnc.p.delivery.net/m/u/pnc/uni/p.asp
By unsubscribing to this message, you will be unsubscribed from all advertising or promotional messages from PNC. Removing your e-mail address from this mailing list will not affect your subscription to alerts, e-newsletters or account servicing e-mails.

List archives at http://lists.ufl.edu/archives/recmgmt-l.html
Contact [log in to unmask] for assistance
To unsubscribe from this list, click the below link. If not already present, place UNSUBSCRIBE RECMGMT-L or UNSUB RECMGMT-L in the body of the message.
mailto:[log in to unmask]

ATOM RSS1 RSS2

LISTSERV.IGGURU.US