Assignment 29924

udit log and audit log correlation is a significant part of a network administrator and security officer’s job. NIST has a document NIST SP 800-92 “Guide to Computer Security Log Management” located at https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-92.pdf (Links to an external site.) . Assume that your boss has come to you to ask you about managing audit logs.
Write a 2-3 page executive memo that addresses the following:
1. Discusses some of the challenges that log management faces.
2. Propose a “plan” for your network log management program to your boss. Who will review your logs? How often will they be reviewed? How will you protect your log files? What recommendations will you make for log aggregation and correlation? How can a tool such as Splunk assist with this?

Note: 12pt font, Times New Roman, Double Spaced