6.5: Central Log Management
Ensure that appropriate logs are being aggregated to a central log management system for analysis and review.
Asset Type |
Security Function |
Implementation Groups |
|---|---|---|
Network |
Detect |
2, 3 |
Dependencies
Sub-control 2.4: Track Software Inventory Information
Inputs
The total number of log producers (M1)
The number of sensors correlated in a central service (M2)
Operations
N/A
Measures
M1 = Count log producers
M2 = Count of sensors correlated in a central service
Metrics
Quality of Log correlation/aggregation
Metric |
The ratio of log producers correlated in a central service to the total number
of log producers.
|
Calculation |
|