Endpoint Centralized Logging
During an IT security incident, logs help determine what happened and when. Attackers often delete or modify local logs, so the IT Security Office requires remote, centralized logging for all high risk end points.
- Meet the Standard for Information Technology Logging requirements.
- Forward logs to University Central or ITSO authorized log server.
- Log servers should forward logs to the University Central log server.
If you have questions that are not covered in this procedure, please contact the Virginia Tech IT Security Office firstname.lastname@example.org for a consultation.