Task Syslog_Retention
Conditions
The agency will generate and retain audit logs for a period of 6 months or longer.
Standards
Must provide logs for the following for 6 months:
- Firewall Events
- DNS ingress and egress logs
- Domain Controller Events
- Intrusion Detection/Protection Events
- Web Usage
End State
Retain all logs identified for 6 months (minimum) to meet the incident response requirements.
Notes
Manual Steps
Running Scripts
Dependencies
References
Revision History