Cyber security events are analysed in a timely manner to identify cyber security incidents.
Topic
Event log monitoring
Applicable to
Non Classified, Official, Protected, Secret, Top Secret
History
Priority
should
Mar 2022
Cyber security events are analysed in a timely manner to identify cyber security incidents.
Miscellaneous changes were made to rationale and recommendations throughout the publication to clarify content without changing intent. This included a review from the Guidelines for System Hardening chapter through to the Guidelines for Data Transfers chapter.
2015
Agencies should correlate events across event logs to prioritise audits and focusinvestigations.