Logging
Explore the role of logging in cyber security by understanding how to record who performed which actions, when, and how. Learn to monitor employees and systems, detect malicious activities, and preserve log data integrity for investigations.
We'll cover the following...
We'll cover the following...
Logging is the recording of activities performed by individuals and IT assets.
Definitions
For each logged event, the following table lists the minimum properties that should be recorded.
Properties of log events
Term | Definition |
Who | The source of the action, a user, system, or process. |
What | A description of the action taken. |
When | When the event took place, providing a timestamp that’s synchronized across systems. |
Where | The object involved or acted upon to perform an action. |
Each log event should describe who did what, and when and how it was done. ...