The former role of an information system log was to determine the cause of system failure, or to record operation history or processing details. Recently, the increase in cyber security incidents have prompted amendments to laws and regulations that are expanding the use and importance of these logs.
A system that manages and monitors logs must be designed and built with clear reasons and purposes for obtaining and using the logs. Expertise and practical know-how are required to create an efficient log management system.
Key points needed to effectively and efficiently manage logs:
- Capability to manage a variety of logs centrally and safely
- Capability to analyze a required log within a certain time
- Correlation analysis capability to detect events that cannot be discovered from a single log but can only be found using multiple logs
- Capability to integrally manage multiple logs to grasp a picture of the overall system
Application of integrated log management
- Internal Control Various logs and reports are required in general IT control and IT application control.
- Internal Fraud Detection Logs and reports for internal fraud detection, trailing and tracking.
- Intrusion Detection Logs and reports used for detection, trailing and tracking of intrusions on the information system.
- PCIDSS (Payment Card Industry Data Security Standard) Log management for compliance with security standards.
Infosec will continue to provide the best suggestions and support for you to meet your expectations for both building and operation of integrated log management systems based on our rich experience in both building and supporting system operation.
- Secure System / Network Integration and Monitoring Service
- Technology Consulting
- Management Consulting