Gavin Reid, the Director of Threat Research for Security Intelligence Operations at Cisco, explains how Cisco deals with the diverging logging requirements of IT and security teams. According to Gavin, logging is probably both one of the most useful and one of the least used of all security forensic capabilities. In large enterprises, many security teams rely on their IT counterparts to do the logging and then turn to the IT logging infrastructure when they need log information.
Read the full article here – http://blogs.cisco.com/security/security-logging-in-an-enterprise-part-1-of-2/