What's your log retention approach? Do you have a SIEM, log management system or both? And how long do you retain logs on devices (e.g. firewalls), in SIEM and in a log management system?

302 views1 Upvote2 Comments

Sort by:

Head of IT in Manufacturing3 years ago

Depends on what kind of logs…some logs are delete automatically after some time (SaaS Tools like Sophos f.e.), others are also deleted because of GDPR Requierments (internet logs, guest access). We definied the most crucial logs for us and collecting them in a log aggregation tool for 12 months, in some cases also longer (AD Logs), which are getting archived after 12 months and can be used on demand.

I propose to first start an overview of all logs you want to collect, categorize them und define the storage / duration.

Don’t forget also to look at the legal requirements & GDPR.

CISO in Software3 years ago

1 year is standard in most cases

Content you might like

I'm seeking insights on industry best practices on the optimal duration and frequency of mandatory cybersecurity awareness training for all employees.
I’d love to hear how other organizations structure their programs.

Monthly training sessions, approximately 15 minutes each25%

Quarterly training sessions, approximately 30 minutes each60%

Semi-annual training sessions, approximately 45 minutes each8%

Annual training sessions, approximately 60 minutes each8%

View Results

What is the best work travel advice you’ve ever been given?

How often does your organization conduct Penetration Testing?

once a year19%

once every 6 months50%

once a quarter20%

ongoing8%

other (comment below!)

View Results

Is anyone integrating the use of iThenticate into their sponsored projects administration process or systems to proactively ensure research integrity and enhance the quality of grant proposals before submission to funding agencies?

I'm looking for an exchanged and best practices regarding SAP S/4 HANA works council agreements (Betriebsratsvereinbarung). We're launching our SAP S/4 HANA migration and our corporate works council has asked us to set up a specific agreement for this.

What's your log retention approach? Do you have a SIEM, log management system or both? And how long do you retain logs on devices (e.g. firewalls), in SIEM and in a log management system?

Sort by:

Content you might like

I'm seeking insights on industry best practices on the optimal duration and frequency of mandatory cybersecurity awareness training for all employees.
I’d love to hear how other organizations structure their programs.

What is the best work travel advice you’ve ever been given?

How often does your organization conduct Penetration Testing?

Is anyone integrating the use of iThenticate into their sponsored projects administration process or systems to proactively ensure research integrity and enhance the quality of grant proposals before submission to funding agencies?

I'm looking for an exchanged and best practices regarding SAP S/4 HANA works council agreements (Betriebsratsvereinbarung). We're launching our SAP S/4 HANA migration and our corporate works council has asked us to set up a specific agreement for this.

What sets us apart?

Take Your Insights On-the-Go

What's your log retention approach? Do you have a SIEM, log management system or both? And how long do you retain logs on devices (e.g. firewalls), in SIEM and in a log management system?

Sort by:

Content you might like

I'm seeking insights on industry best practices on the optimal duration and frequency of mandatory cybersecurity awareness training for all employees.I’d love to hear how other organizations structure their programs.

What is the best work travel advice you’ve ever been given?

How often does your organization conduct Penetration Testing?

Is anyone integrating the use of iThenticate into their sponsored projects administration process or systems to proactively ensure research integrity and enhance the quality of grant proposals before submission to funding agencies?

I'm looking for an exchanged and best practices regarding SAP S/4 HANA works council agreements (Betriebsratsvereinbarung). We're launching our SAP S/4 HANA migration and our corporate works council has asked us to set up a specific agreement for this.

What sets us apart?

Take Your Insights On-the-Go

I'm seeking insights on industry best practices on the optimal duration and frequency of mandatory cybersecurity awareness training for all employees.
I’d love to hear how other organizations structure their programs.