Cybersecurity events are analysed in a timely manner to identify cybersecurity incidents.
Topic
Event log monitoring
Applicable to
Non Classified, Official, Protected, Secret, Top Secret
History
Priority
should
Mar 2025
Cybersecurity events are analysed in a timely manner to identify cybersecurity incidents.
References to ‘cyber security’ were changed to ‘cybersecurity’ to align with Australia’s national dictionary.
Mar 2022
Cyber security events are analysed in a timely manner to identify cyber security incidents.
Miscellaneous changes were made to rationale and recommendations throughout the publication to clarify content without changing intent. This included a review from the Guidelines for System Hardening chapter through to the Guidelines for Data Transfers chapter.
2015
Agencies should correlate events across event logs to prioritise audits and focusinvestigations.