The Sunday Times carries a story about the Fine Gael security breach back in January of this year. The paper states that the company, Election Mall, who were hosting the Fine Gael website at the time of the attack, were not able to, or would not, provide the log files to An Garda Siochana and the Data Protection Commissioner so they could investigate the breach. I am quoted in the piece on why log files are a critical element of your overall security infrastructure.
Log files, when properly configured, can provide invaluable information in the detection and/or investigation of a security breach. Despite this, we still find that many organisations do not look after their log files properly. Election Mall found this to their cost, as Fine Gael has now reportedly cut all ties with that company.
Here is a presentation that I gave a number of years ago on the importance of maintaining and managing your log files. Many of the points in the presentation are still relevant today:
Best practises for log management
View more presentations from Brian Honan