Endpoint Centralized Logging


During an IT security incident, logs help determine what happened and when. Attackers often delete or modify local logs, so the IT Security Office requires remote, centralized logging for all high risk end points.


  1. Meet the Standard for Information Technology Logging requirements.
  2. Forward logs to University Central or ITSO authorized log server.
  3. Log servers should forward logs to the University Central log server.


If you have questions that are not covered in this procedure, please contact the VT IT Security Office itso@vt.edu for a consultation.


Existing 4Help Document