Central Log Service & IT Policies Overview
Central Log Service (CLS) is a university service for storing and analyzing log information, operated by the Division of IT Network Infrastructure and Services Monitoring team. The service provides a centralized location for log storage, analysis tools, and real-time indexing capabilities. IT Logging standards and policies are outlined, emphasizing the importance of sending logs to the central log system. Benefits include improved visibility, quicker issue resolution, and easy access to log data. The service is designed to evolve to meet customer needs and is accessible for consultation via ServiceNow.
Presentation Transcript
Central Log Service / IT Policies & Standards Philip Kobezak & Randy Marchany

Central Log Service
- The Log Archiving and Analysis project created the Central Log Service
- The Central Log Service provides University departments a location for storing, and tools for analysis of, server/desktop/device log information
- Analysis can be performed in the form of queries, visualizations, and dashboards
- Elastic stack deployment designed to scale and provide near real-time indexing
- Thousands of hosts sending logs
- Most Division of IT systems and services
- Hundreds of millions of events per day
- Hundreds of Gigabytes per day

Central Log Service
- The service is operated by the Division of IT Network Infrastructure and Services Monitoring team
- Brandon Booker, Brian Jones, Dave Martin, Gene Thistle, led by Justin Sobczak
- The CLS had its initial release last month and more information is available in ServiceNow
- The focus is on higher risk systems right now
- New customers of the service can reach out to the NI&S Monitoring team to discuss onboarding
- This is a shared service, so large volumes of logs may need to be ramped up
- Many log types have existing parsers; however, your logs may need updates to Logstash

Central Log Service
- Benefits for all of us:
  - One place to look at logs
  - Easily grant access to others
  - Visualize trends with dashboards
  - Quicker problem resolution
  - Greater visibility for ITSO
- This service will continue to grow and evolve to meet the needs of customers
- If there are specific needs you have, let us know
- Review service information in ServiceNow and request consultation

IT Policies & Standards
- Standard for IT Logging (Draft)
- Applies to any university-owned IT resource or service that stores, processes, or transmits high risk or moderate risk university data
- High-level:
  - Log activity
  - Send to a central log system
  - Review logs
- Sending to the Central Log Service is required for Division of IT units
- Other tools may be used in addition
- CLS is recommended for the rest of the university

IT Policies & Standards
- Standard for IT Logging
- Google Doc: https://goo.gl/UenRL8
- https://docs.google.com/a/vt.edu/document/d/1JVbRcWUQ3_Cfct3CCEBM8d0PNUaLCUajHeVa2xhKJIg/edit?usp=sharing
- Currently in draft - will be published soon
- If you have any comments, let us know via email

IT Policies & Standards
- Recently published:
  - Virginia Tech Risk Classifications: http://it.vt.edu/content/dam/it_vt_edu/policies/Virginia-Tech-Risk-Classifications.pdf
  - Minimum Security Standards: http://it.vt.edu/content/dam/it_vt_edu/policies/Minimum-Security-Standards.pdf
  - Standard for High Risk Digital Data Protection: http://it.vt.edu/content/dam/it_vt_edu/policies/Standard-for-High-Risk-Digital-Data-Protection.pdf