8.10: Retain Audit Logs
Retain audit logs across enterprise assets for a minimum of 90 days.
Asset Type |
Security Function |
Implementation Groups |
|---|---|---|
Network |
Protect |
2, 3 |
Dependencies
Safeguard 4.1: Establish and Maintain a Secure Configuration Process
Safeguard 8.9: Centralize Audit Logs
Inputs
GV28: Log aggregating softwareGV3: Configuration standards
Operations
- For each log aggregating software
GV28useGV3to check configuration standards Identify and enumerate aggregating software configured to retain logs for 90 days or more (M2)
Identify and enumerate aggregating software configured to retain logs for less than 90 days (M3)
- For each log aggregating software
Measures
M1 = Count of log aggregating software
GV28M2 = Count of aggregating software properly configured to retain logs for 90 days or more
M3 = Count of aggregating software configured to retainlogs for less than 90 days
Metrics
Compliance
Metric |
The percentage of aggregating software properly configured to retain
logs for 90 days or more.
|
Calculation |
|