Log management
From Wikipedia, the free encyclopedia
Log management is the process for generating, transmitting, storing, accessing, and disposing of log data. Log data (or logs) consists of entries (records), and each entry contains information related to a specific event that occurred within an organization's computing assets, including physical and virtual platforms, networks, services, and cloud environments.[1]
The process of log management generally breaks down into:[2]
- Log collection - the process of capturing the actual data from log files, an application's standard output stream (stdout), network sockets and other sources.
- Log aggregation (centralization) - the process of bringing all the log data together in a single place for further analysis and/or retention.
- Log storage and retention - the process of handling large volumes of log data according to corporate or regulatory policies (compliance).
- Log analysis - the process that helps operations and security teams handle system performance issues and security incidents.
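The four stages above, shown end to end in a small added example (not from this article or any particular product): two constructed sources, a syslog-style file and an application's JSON stdout, are collected into normalized entries, aggregated into one time-ordered store, trimmed by a retention window, and analyzed for repeated failed logins from the same IP. The entry format, regular expressions and sample lines are assumptions made for the example.

```python
from collections import Counter
from dataclasses import dataclass
from datetime import datetime, timedelta
import json, re

@dataclass(frozen=True)
class Entry:          # normalized record shared by every source (assumed format)
    ts: datetime
    source: str
    message: str

def _ts(s):           # ISO-8601 with a trailing Z, as in the constructed samples
    return datetime.fromisoformat(s.replace("Z", "+00:00"))

SYSLOG_LINES = [      # constructed sample: a syslog-style log file
    "2024-05-01T10:00:00Z sshd[101]: Failed password for root from 10.0.0.5",
    "2024-05-01T10:00:02Z sshd[102]: Failed password for root from 10.0.0.5",
    "2024-04-01T09:00:00Z sshd[12]: Accepted publickey for alice from 10.0.0.9",
    "garbage line that does not parse",
]
APP_STDOUT_LINES = [  # constructed sample: JSON records from an application's stdout
    '{"time": "2024-05-01T10:00:03Z", "msg": "login failed user=root ip=10.0.0.5"}',
    '{"time": "2024-05-01T10:01:00Z", "msg": "health check ok"}',
]
SYSLOG_RE = re.compile(r"^(\S+) (\S+?)\[\d+\]: (.*)$")

def collect_syslog(lines):
    """Collection: parse text log lines; unparseable lines are skipped."""
    matches = (SYSLOG_RE.match(line) for line in lines)
    return [Entry(_ts(m[1]), m[2], m[3]) for m in matches if m]

def collect_stdout(lines, source="app"):
    """Collection: parse JSON records written to an application's stdout."""
    return [Entry(_ts(r["time"]), source, r["msg"]) for r in map(json.loads, lines)]

def aggregate(*batches):
    """Aggregation: merge every source into one time-ordered central store."""
    return sorted((e for b in batches for e in b), key=lambda e: e.ts)

def apply_retention(entries, now, max_age=timedelta(days=7)):
    """Storage/retention: keep only entries inside the retention window."""
    return [e for e in entries if now - e.ts <= max_age]

def failed_logins_by_ip(entries, threshold=3):
    """Analysis: flag source IPs with repeated failed logins across all sources."""
    hits = [re.search(r"\d+\.\d+\.\d+\.\d+", e.message)
            for e in entries if "failed" in e.message.lower()]
    counts = Counter(m[0] for m in hits if m)
    return {ip: n for ip, n in counts.items() if n >= threshold}
```

Running the stages in order, `failed_logins_by_ip(apply_retention(aggregate(collect_syslog(SYSLOG_LINES), collect_stdout(APP_STDOUT_LINES)), _ts("2024-05-02T00:00:00Z")))` reports `10.0.0.5` with three failures, two of which came from the syslog source and one from the application, which neither source would show on its own.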