Archiving Event Logs
Archived event logs often play an important role in the detection, investigation, and prosecution of a computer crime or other computer misuse. Configuring network devices and computer systems to produce event logs that contain valuable information is the first step in detecting computer crime. Proper archiving will further aid in the investigation and allow the event logs to be entered as evidence in court.
1002 (PDF, 1.76MB)
8 May 2003ByJim Stansbury