LOG-3 Centralized Logging


What is LOG-3 Centralized Logging Control about?

Centralized logging is a vital part of enterprise monitoring. Use a centralized monitoring tool to collect, analyze, predict, and report on system issues, such as performance problems.

Available tools in the marketplace

The following listing is “crowdsourced” from our customer base or from external research. TrustCloud does not personally recommend any of the tools below, as we haven’t used them.

Logging tools:

  • Zabbix
  • DataDog
  • ManageEngine

Available templates

TrustCloud has a curated list of templates, internally or externally sourced, to help you get started. Click on the link for a downloadable version:

  • N/A: no template recommendation

Control implementation

Note: This control is 100% automated by TrustCloud. Connect your system to enjoy the benefits of automation. 

For a manual implementation:

Install a centralized logging tool that captures logs from various systems. Ensure the following are configured:

  1. Enable a threshold for alert notifications (map the type of events to be notified about and the threshold to cross for notifications).
  2. Set up an alert notification (ensure the alert is sent to a team for quick response and review).
  3. Restrict access to the log.

What evidence do auditors look for?

At a minimum, most auditors look for the following suggested actions:

  1. Provide a screenshot of the centralized tool dashboard showing the various systems connected to it and feeding it logs.
  2. Provide a screenshot of the alert notification threshold.
  3. Provide a screenshot of the alert notification.

Evidence example

An example is provided below for each suggested action:

  1. Provide a screenshot of the centralized tool dashboard showing the various systems connected to it and feeding it logs.
    The following screenshot shows the dashboard and the various events being tracked.
    [Screenshot: LOG 3 Centralized Logging 01]
  2. Provide a screenshot of the alert notification threshold.
    The following screenshot shows the alert notification configuration, demonstrating who will be alerted.
    [Screenshot: LOG 3 Centralized Logging 02]
    [Screenshot: LOG 3 Centralized Logging 03]
  3. Provide a screenshot of the alert notification.
    The following screenshot shows an alert notification.
    [Screenshot: LOG 3 Centralized Logging 04]
