Skip site navigation (1)Skip section navigation (2)
Date:      Fri, 22 Feb 2008 12:55:34 -0500
From:      "Irene Gelyk" <igelyk.rim@gmail.com>
To:        freebsd-isp@freebsd.org
Subject:   re: Creating a Log Retention Policy
Message-ID:  <957425f00802220955y183e8edbgc3af82c23af26782@mail.gmail.com>

next in thread | raw e-mail | index | archive | help
Matthew:

Did you ever get your log retention policy developed?  I'm sort of in the
same position and I'm hoping you will be able to share what you learned
and/or developed.

Thanks
Irene Gelyk
igelyk.rim@gmail.com
 Creating a Log Retention Policy*Matt Ruzicka* matt at frii.com
<freebsd-isp%40freebsd.org?Subject=Creating%20a%20Log%20Retention%20Policy&In-Reply-To=>
*Mon Aug 22 22:38:45 GMT 2005*


   - Previous message: ELF Binary Type '0' Not Known
   <http://lists.freebsd.org/mailman/htdig/freebsd-isp/2005-August/003478.html>;
   - Next message: Creating a Log Retention Policy
   <http://lists.freebsd.org/mailman/htdig/freebsd-isp/2005-August/003481.html>;
   - *Messages sorted by:* [ date
]<http://lists.freebsd.org/mailman/htdig/freebsd-isp/2005-August/date.html#3479>;
[
   thread ]<http://lists.freebsd.org/mailman/htdig/freebsd-isp/2005-August/thread.html#3479>;
[
   subject ]<http://lists.freebsd.org/mailman/htdig/freebsd-isp/2005-August/subject.html#3479>;
[
   author ]<http://lists.freebsd.org/mailman/htdig/freebsd-isp/2005-August/author.html#3479>;

------------------------------

Last year I attended a session at USENIX on system logging in which the
instructor (Marcus Ranum) discussed the importance of having a clearly
defined (and enforced) log retention policy.  From what I remember of this
portion of the lecture (the slides and my notes are lacking in details) he
stressed that this policy would help significantly in the case of
litigation, but it obviously would also give a solid policy for defining
expectations and maintaining consistency between servers.

A year later (*cough, cough*) I've started to compile ideas for this
policy, but am having a bit of trouble finding good guidelines to follow.

I was wondering if others currently had a clearly defined log retention
policy for their organization and, if so, how they went about creating it?

Thanks in advance for any feedback.

Matthew Ruzicka - Systems Administrator
Front Range Internet, Inc.matt at frii.net
<http://lists.freebsd.org/mailman/listinfo/freebsd-isp>; - (970)
212-0728

Got SPAM?  Take back your email with MailArmory.
http://www.MailArmory.com <http://www.mailarmory.com/>;



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?957425f00802220955y183e8edbgc3af82c23af26782>