0
Declined

Signing of IDB 5.1 logs

Jacques Swanepoel 9 years ago updated by anonymous 7 years ago 2

Adding of the signing of log files whould ensure that we can show they were not modified, which would in turn provide a chain of evidence for auditors...

Answer

+1
Answer

Are you referring to signing the CSV logs? Where would the signature appear?


Are there other requirements? If it's just that no local user can modify the logs, then a different log store such as Splunk would meet that by shipping the logs off. Something more bespoke is now possible in v5.1 thanks to the PowerShell log writer.

+1
Answer

Are you referring to signing the CSV logs? Where would the signature appear?


Are there other requirements? If it's just that no local user can modify the logs, then a different log store such as Splunk would meet that by shipping the logs off. Something more bespoke is now possible in v5.1 thanks to the PowerShell log writer.