Q
Problem solve Get help with specific problems with your technologies, process and projects.

Is having a central log for all enterprise systems a good practice?

Is having a central log for all enterprise systems a good practice?

Is having a central log for all enterprise systems a good practice?
Logs by themselves are a detective control. They only allow the administrator to determine what went wrong. They are also of little use if not reviewed. Having them located in many different places can add to the burden of review. One way to ease this headache is to centralize logging. Setting up centralized logging will take some work but the result can be worth it. By having the logs centralized you won't have to go from system to system to review logs and you can use common scripts and tools to analyze all the information. If you find some suspicious logs captured by one router you can quickly scan other routers' logs for similar activity.

There's another added benefit of moving the logs to a centralized site and that's security. Moving them off the primary server from which they were created makes it much harder for an attacker or malicious user to attempt to tamper with them.

This was last published in January 2006

Dig Deeper on Campus area network

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.

-ADS BY GOOGLE

SearchUnifiedCommunications

SearchMobileComputing

SearchDataCenter

SearchITChannel

Close