[Owasp-pci-project] Logging

McGovern, James F (HTSC, IT) James.McGovern at thehartford.com
Thu Jun 4 17:32:16 EDT 2009


NIST is good but doesn't really address the scenarios I outlined.

________________________________

From: wengaous at gmail.com [mailto:wengaous at gmail.com] On Behalf Of Helen Gao
Sent: Thursday, June 04, 2009 5:16 PM
To: McGovern, James F (HTSC, IT)
Cc: Owasp-pci-project at lists.owasp.org
Subject: Re: [Owasp-pci-project] Logging


We use the NIST Guide to Computer Security Log Management as our guidelines
<http://csrc.nist.gov/publications/nistpubs/800-92/SP800-92.pdf>.

On Wed, Jun 3, 2009 at 9:50 AM, McGovern, James F (HTSC, IT)
<James.McGovern at thehartford.com> wrote:


	PCI requires logging and encourages one to log to a different tier.
	Likewise, there is lots of guidance on where to put events such as
	failed AuthN, etc., but the rest is left up to interpretation. So, even if
	you use approaches such as Log4J and the syslogAppender, you still need
	to have some type of guidance on things like whether a message gets
	routed to multiple logs (one local, one remote) along with things such
	as having a recommendation around certain patternLayouts so that you
	have a fighting chance to correlate log events across potentially
	hundreds if not thousands of servers/processes.




-- 
Wen Gao
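
The routing and layout questions raised in the quoted message, sketched as a Log4J 1.2 properties configuration. This is an added example, not part of the thread or of any OWASP or PCI guidance; the logger name `security`, the host `loghost.example.internal`, the file path and the MDC keys `host`, `app` and `reqId` are assumptions.

```properties
# Added example, Log4J 1.2 properties syntax. Names, hosts and paths below
# are placeholders chosen for illustration, not values from this thread.

# One pattern shared by every appender on every server, so a line parses
# the same way wherever it was written:
#   timestamp with UTC offset, level, host, application, request id, logger, message
# %X{...} reads the MDC; the application is assumed to populate these keys.
# Log4J 1.2 substitutes ${...} from system properties or from this file.
layout.common=%d{yyyy-MM-dd'T'HH:mm:ss.SSSZ} %-5p host=%X{host} app=%X{app} req=%X{reqId} %c - %m

# Ordinary application events stay in the local file.
log4j.rootLogger=INFO, LOCAL

# Security events (failed AuthN and similar) go to BOTH the local file and
# the remote log tier. Additivity is switched off so the root logger does
# not write a second copy of each event to LOCAL.
log4j.logger.security=INFO, LOCAL, REMOTE
log4j.additivity.security=false

# Local copy: size-bounded rolling file.
log4j.appender.LOCAL=org.apache.log4j.RollingFileAppender
log4j.appender.LOCAL.File=/var/log/app/app.log
log4j.appender.LOCAL.MaxFileSize=50MB
log4j.appender.LOCAL.MaxBackupIndex=20
log4j.appender.LOCAL.layout=org.apache.log4j.PatternLayout
log4j.appender.LOCAL.layout.ConversionPattern=${layout.common}%n

# Remote copy: syslog to a separate tier. No trailing %n, since each
# syslog datagram already carries one message.
log4j.appender.REMOTE=org.apache.log4j.net.SyslogAppender
log4j.appender.REMOTE.SyslogHost=loghost.example.internal
log4j.appender.REMOTE.Facility=LOCAL4
log4j.appender.REMOTE.layout=org.apache.log4j.PatternLayout
log4j.appender.REMOTE.layout.ConversionPattern=${layout.common}
```

Because the host, application and request id appear as `key=value` fields in the same position in both copies, the local and remote records of one event can be matched on `req=` and ordered by the offset-qualified timestamp regardless of which server wrote them.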
