SANS Eighth Annual 2012 Log and Event Management Survey Results: Sorting Through the Noise

by Jerry Shenk
Sept. 1, 2017 | SANS Institute | logging technology and techniques

The key finding that stands out in SANS’ Eighth Annual Log and Event Management Survey is the inability of organizations to separate normal log data from actionable events. More than 600 respondents report that detecting and tracking suspicious behavior, supporting forensic analysis, and meeting and proving regulatory compliance are the most important and most problematic issues they face in using their logs. As attacks become more sophisticated, IT and security practitioners are identifying what they must do not just to keep up, but also to get proactive about their security practices. At the heart of this issue is log management.