Emerald Business Systems Blog

The Problem with Logging

Posted in PCI by ebs4pos on October 25, 2009

Kim Zetter from Wired Magazine put Wal-Mart back in the news recently with information about an alleged incident that occurred in the 2005-2006 timeframe. One of the key issues making the rounds is the following assertion made by Zetter:

The company’s server logs recorded only unsuccessful log-in attempts, not successful ones, frustrating a detailed analysis.

Logs serve multiple purposes, and for that reason they tend to grow rapidly. Sure, storage is cheap nowadays, but every company still struggles with this very basic concept. While I won’t speak specifically to the Wal-Mart incident (Evan Schuman has some great additions), I will address some of what I see with my customers and their struggles with logging.

via Branden Williams’s Security Convergence Blog » The Problem with Logging.


Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: