Sub-Requirement 10.7

Illustrative Controls and the TIBCO LogLogic Solution

Audit trails maintain a record of system activity both by system and application processes and by users of systems and applications. In conjunction with appropriate tools and procedures, audit trails can assist in detecting security violations, performance problems, and flaws in applications. Audit trail retention provides auditors and administrators a means to help accomplish several security-related objectives, including establishing individual accountability, event reconstruction, intrusion detection, and problem analysis.

To satisfy this requirement, LogLogic^® LMI solution simplifies, automates, and reduces the cost of log data retention. TIBCO LogLogic’s ST product comes with either 2.8 terabytes of usable onboard storage (up to 33.6 TB of compressed data) or interfaces to NAS devices and SAN for the 202x-SAN appliances.

ST Appliances archive up to ten years of log data while eliminating the need for servers, tape libraries, and archive administrators. When used with TIBCO LogLogic’s LX/MX Appliances, the ST Appliance also guarantees complete and accurate transmission of network equipment logs from anywhere on the enterprise WAN.

To maximize storage, TIBCO LogLogic’s ST solution stores all raw log data in compressed text format with a compression ratio of 12:1. Logs can be extracted from the ST’s easy-to-use UI without any impact to the collection and processing of raw log data.

Reports and Alerts

Use the following link/reference to see the 10.7 reports and alerts: 10.7 on page 143.