Official websites use .gov
A .gov website belongs to an official government organization in the United States.
Secure .gov websites use HTTPS
A lock (
) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.
Log Management Planning Guide: Draft SP 800-92r1 Available for Comment
NIST has released the initial public draft of Special Publication (SP) 800-92r1 (Revision 1), Cybersecurity Log Management Planning Guide, for public comment. The comment period closes on November 29, 2023.
NIST has released the initial public draft of Special Publication (SP) 800-92r1 (Revision 1), Cybersecurity Log Management Planning Guide, for public comment. Log management is the process for generating, transmitting, storing, accessing, and disposing of log data. It facilitates log usage and analysis for many purposes, including identifying and investigating cybersecurity incidents, finding operational issues, and ensuring that records are stored for the required period of time.
This document defines a playbook to help any organization plan improvements to its cybersecurity log management practices in support of regulatory requirements and recommended practices. While the playbook is not comprehensive, the listed plays are noteworthy and generally beneficial for cybersecurity log management planning by organizations.
The public comment period for this draft is open through November 29, 2023. Submit your comments to log-mgmt [at] nist.gov (log-mgmt[at]nist[dot]gov).
NOTE: A call for patent claims is included on page iii of this document. For additional information, see the Information Technology Laboratory (ITL) Patent Policy--Inclusion of Patents in ITL Publications.