Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Log Management

Overview

NIST has released Draft Special Publication (SP) 800-92 Revision 1, Cybersecurity Log Management Planning Guide for public comment through November 29, 2023. The purpose of this document is to help all organizations improve their log management so they have the log data they need. The document's scope is cybersecurity log management planning, and all other aspects of logging and log management, including implementing log management technology and making use of log data, are out of scope.

This document replaces the original SP 800-92, Guide to Computer Security Log Management. That material was developed at a time when many organizations were just starting to think about log management. With the wealth of information now available on log management, this revision of NIST SP 800-92 focuses on high-level guidance for organization-wide improvement, not the details of implementation nor the capabilities of particular technologies.

The main content of the new SP 800-92 Revision 1 is a playbook for cybersecurity log management planning. The playbook provides actionable steps that organizations can take to plan improvements to their log management practices in support of best practices and regulatory requirements. The playbook is not comprehensive, but the listed plays are noteworthy and generally beneficial to organizations.

The SP 800-92 revisions were informed by the August 2021 OMB Memorandum M-21-31, "Improving the Federal Government's Investigative and Remediation Capabilities Related to Cybersecurity Incidents," which addresses requirements in Section 8 of Executive Order (EO) 14028.

Contact Us

Your comments and suggestions for the Log Management project are always welcome. Contact us at log-mgmt@nist.gov.


Contacts

Log Management
log-mgmt@nist.gov

Murugiah Souppaya - NIST/CSD

Karen Scarfone

Topics

Security and Privacy: audit & accountability

Applications: enterprise

Laws and Regulations: Executive Order 14028

Related Projects

National Checklist Program

Created April 28, 2021, Updated October 19, 2023