The publication was prepared by Karen Kent and Murugiah Souppaya of the National Institute of Standards and Technology and published under the SP 800-Series,[1] a repository of best practices for the InfoSec community.
Log management is essential to ensuring that computer security records are stored in sufficient detail for an appropriate period of time.
A deficiency in any of these areas can cause an organization to miss signs of unauthorized activity, intrusion, and loss of data, which creates additional risk.[3]
NIST SP 800-92 provides a high-level overview and guidance for the planning, development and implementation of an effective security log management strategy.
The intended audience for this publication includes the general information security (InfoSec) community involved in incident response, system/application/network administration and managers.