ISM-1228

Cyber security events are analysed in a timely manner to identify cyber security incidents.

Topic
Event log monitoring
Applicable to
all

History

Priority
should
Mar 2022
Cyber security events are analysed in a timely manner to identify cyber security incidents.
Miscellaneous changes were made to rationale and recommendations throughout the publication to clarify content without changing intent. This included a review from the Guidelines for System Hardening chapter through to the Guidelines for Data Transfers chapter.
2015
Agencies should correlate events across event logs to prioritise audits and focus investigations.