Event Log Management and Compliance
Many organizations treat event logs as a post-incident analysis tool in investigation of security breaches. However, major compliance regulations (e.g. HIPAA and GLBA), look at event logs in a completely different way. From the compliance standpoint event log data is a must have tool to analyze who exercised what privileges and accessed confidential information, at any given point in time, to ensure continuous compliance.
The goal of automated event log management solutions is to facilitate the most difficult job in any compliance process: regular review and correlation of event data through consolidation and archiving of events from multiple systems and separation of the most critical 1% of activities from useless 99% of noise. In short, from the compliance perspective, event log management is: Collection (Consolidation), Archiving (Retention), Audit Reporting, and Monitoring (Alerting).
Netwrix Event Log Manager includes predefined out of the box compliance reports that cover major compliance regulations. The new version of the product also offers predefined sets of audit archiving filters for GLBA, HIPAA, PCI, and SOX regulations – just select the required compliances and you'll have these filters automatically configured to collect events needed for generating reports for the required regulations.
One of the most challenging parts of event log management is archiving. The following table summarizes event log retention requirements as mandated by major compliance regulations:
Disclaimer: This information is not intended to provide legal advice or substitute for the advice of an attorney.
Netwrix Event Log Manager is an event log consolidation and archiving tool, that allows you to collect events logs from multiple computers across network and centrally store them in a compressed format, enabling fast access to event log data. View side-by-side comparison between available product editions.