Log archival: Storing log data to address future requirements.

Log data is vital information that contains records about events that have happened in a network. Log data is essential to monitor the network and understand the network activities, user actions, and their motives.

As every device in the network generates logs, the amount of data collected is huge, and managing and storing all this data becomes a challenge. Log archiving is a process that helps administrators use available storage efficiently.

Why archiving log data is important.

  • Meet regulatory standards
  • Most compliance regulations compel enterprises to retain log data for at least a year to facilitate forensic analysis. For instance, section 802 of SOX requires organizations to archive their data for at least seven years.

  • Identify patterns and trends
  • When log data spanning a longer period of time is archived, it can be loaded back into an analytical solution to identify network activity trends and patterns. These trends and patterns support the design and implementation of preventive security strategies.

  • Optimize log data storage
  • Archiving log data by employing compression techniques, as well as storing archived logs in a location that doesn't need to be optimized for quick access, are two good ways to save storage space and reduce costs. Furthermore, since the data can be decompressed and loaded into active databases any time without any data loss, it can still be used for forensic analysis or any other operation easily.


Chapter 2

Different functions of SIEM

Learn about the different capabilities of an ideal SIEM solution.


Chapter 3

Component of SIEM Architecture


Chapter 4

Log Management

Learn about log management and why it is necessary.


Chapter 5

Incident Management

Learn about security incidents and how they are handled.


Chapter 6

Threat intelligence

Learn about security audits, real-time monitoring, and correlation and how they are useful to mitigate cyberthreats.


Chapter 7

Cloud security

Learn why it is important to secure data that is stored online on cloud computing platforms.


Chapter 8

User Entity and Behavior Analytics

Learn why UEBA is critical to maximize cybersecurity.


Chapter 9

Data protection

Learn why it is important to adhere to compliance regulations.