According to recent investigations by Verizon companies are not aware of how precious and important systems logs are! Companies either do not maintain logs or simply ignore them but logs are needed to identify unusual system behavior and track events! Alan Brill, Senior Managing Director at Kroll has published an interesting article on net-security.org that discusses the importance and value of log maintenance and analysis.
Briefly, the main points discussed are related to the following:
• Logs are invaluable in security analysis, especially when reconstructing the events of an intrusion
• Logs may be required to comply with regulations and law
• Logs are invaluable in detecting abnormal activities
Read the full article here – http://www.net-security.org/secworld.php?id=12469