Logging of IT Systems

Abstract

IT systems generate a large number of logs every day during operation. Beyond meeting legal requirements, collecting and analysing these logs is the only way an organization can successfully detect attacks against its IT systems, and it can greatly help in identifying an ongoing attack. Neither the state administration nor the market environment has a common practice for operating the logging function, and there is no established, uniformly used best practice. In many cases organizations operate a log collection and analysis system only in order to meet the legal requirements.

The author presents the expectations that international and national legislation and standards set for the logging functions of information systems. The author proposes the range of systems that should be involved in logging, and presents an organization's logging maturity levels in relation to its IT systems and the questions that need to be answered when developing the logging function. The article also shows how a log entry generated by a system is processed and how it becomes an information security incident.

Keywords:

log collection, log analysis, logging
