On Security Log Management Systems
A Log Management System (LMS) is a system for creating, receiving, processing, releasing, and transferring of security log data. Its main objectives include detecting and preventing unauthorized access and abuse, and meeting regulatory requirements. One of its main components is the classification of events to make decisions related to archiving and to invoking responses to certain events. Most current approaches to LMS design are system dependent and involve specific hardware (e.g., firewalls and servers) and commercial software systems.