International Journal of Advanced Research in Computer Science and Software Engineering (IJARCSSE)
Log files helps cyber forensic process in probing and seizing computer, obtaining electronic evidence for criminal investigations and maintaining computer records for the federal rules of evidence. So it can be said that logging is closely related to forensic computing. To make the logs admissible for the use in court, there is a necessity to prove that the logs have not been modified after being generated. Moreover, since the logs contain confidential information, they must be protected strictly. Therefore a secure logging scheme that ensures the integrity and confidentiality of the logs is needed. In this paper the log files and their management issue are discussed. The technical constraint of available log files are identified and presented.