Log File Retention and Maintence

Jason Brooks jbrooks at longwood.edu
Mon Jun 30 19:14:57 GMT 2003


I have been doing some research into logging, auditing, and retaining log 
files.  As I have looked, many of the catalysts for maintaining the logs 
are legal maneuvers.  After reading a doc entitled "Electronic Data 
Retention" from the Sans reading room, and the how-to on "Centralizing 
Event Logs on Windows 2000", I have this question to pose to all:
         If you follow the procedure of dumping your Event Log to a csv 
file, then batch move those files to another box, and then import them into 
some RDBMS, does that break the standard for having the original?  E.g., if 
your records are subpoenaed, would records in the database prove useless 
legally?

Thanks for any insights,
Jason Brooks

Jason Brooks
Information Security Technician
IITS
116 - B Coyner
Longwood University
201 High Street
Farmville, VA 23901
(434) 395-2796



More information about the unisog mailing list