Audit Logs & Monitoring

In the Audit Logs and Monitoring service, the LSAIT Infrastructure group configures servers, firewalls, networks, and other computer devices to ensure that audit logs are appropriately configured and maintained. Logs help record information that allow the reconstruction of a timeline of events and system activity. This information is important for helping analyze, monitor, and respond to potential misuse of and/or intrusion into LSA computing resources.

When configuring audit logs and monitoring events, it's important to keep in mind that the various platforms available (such as operating systems, web services, databases, file systems, and so on) are unique in how they handle logs. LSAIT staff address the configuration and monitoring of logs for LSAIT supported desktops, servers, and networks. One of the services that LSAIT operates to retain and process logs is Splunk. We work with other IT departments to help in configuring and maintaining logs from their own systems; please contact us for assistance.