0
Declined

Signing of IDB 5.1 logs

Jacques Swanepoel 3 years ago • updated by anonymous 2 years ago 2

Adding of the signing of log files whould ensure that we can show they were not modified, which would in turn provide a chain of evidence for auditors...

Affected Versions:
Fixed by Version:

Answer

+1
Answer

Are you referring to signing the CSV logs? Where would the signature appear?


Are there other requirements? If it's just that no local user can modify the logs, then a different log store such as Splunk would meet that by shipping the logs off. Something more bespoke is now possible in v5.1 thanks to the PowerShell log writer.

+1
Answer

Are you referring to signing the CSV logs? Where would the signature appear?


Are there other requirements? If it's just that no local user can modify the logs, then a different log store such as Splunk would meet that by shipping the logs off. Something more bespoke is now possible in v5.1 thanks to the PowerShell log writer.