Here is another interesting account of the SANS Log Management Summit that I already blogged about. Randy points some things I missed in my story. Here is his - "Take Aways from SANS Log Management Summit": "It was a fascinating week at the SANS Log Management Summit."
I like some of his points, such as this (I regret :-) I didn't spell it out as succinctly as he did): "Log management is not a pure security effort and the smart IT security officer will work with others especially IT operations, compliance and legal teams to ensure the project gets funded, maximizes value, enhances legal recourse against bad guys and doesn’t introduce new legal risks associated with privacy."
And, further: "To justify the expense of a top shelf log management solution you have to realize that log management is Security, [IT] Operations and Compliance folks from all three areas need to support and pay for the project."
For other fun bits, check his full post.