Creating a Log Retention Policy
Julian H. Stacey
jhs at flat.berklix.net
Mon Aug 22 23:31:41 GMT 2005
Matt Ruzicka wrote:
> Last year I attended a session at USENIX on system logging in which the
> instructor (Marcus Ranum) discussed the importance of having a clearly
> defined (and enforced) log retention policy. From what I remember of this
> portion of the lecture (the slides and my notes are lacking in details) he
> stressed that this policy would help significantly in the case of
> litigation, but it obviously would also give a solid policy for defining
> expectations and maintaining consistency between servers.
>
> A year later (*cough, cough*) I've started to compile ideas for this
> policy, but am having a bit of trouble finding good guidelines to follow.
>
> I was wondering if others currently had a clearly defined log retention
> policy for their organization and, if so, how they went about creating it?
>
> Thanks in advance for any feedback.
>
> Matthew Ruzicka - Systems Administrator
This seems a general Sys Admin issue appropriate to SAGE
http://www.sage.org , rather than anything needing to be BSD specific.
The search box on their site with "archival policy" shows this at top:
---
This represents the suggested policy document outline as it appears
in A Guide to Developing Computing Policy Documents published by
the USENIX Assocation for the SAGE. The guide is part of the SAGE
series Short Topics in System Administration.
--
Julian Stacey Consultant Systems Engineer, Munich. http://berklix.com
Mail in Ascii (Html = Spam). Ihr Rauch = mein allergischer Kopfschmerz.
More information about the freebsd-isp
mailing list