DSS/HIPPA/SOX Unalterable Audit Logs?

Posted by kdawson on Tuesday July 31, 2007 @06:23PM from the write-once-keep-forever dept.

analogrithems writes "Recently I was asked by one of the suits in my company to come up with a method to comply with the new PCI DSS policy that requires companies to have write once, read many logs. In short the requirement is for a secure method to make sure that once a log is written it can never be deleted or changed. So far I've only been able to find commercial and hardware-based solutions. I would prefer to use an open source solution. I know this policy is already part of HIPPA and soon to be part of SOX. It seems like there ought to be a way to do this with cryptography and checksums to ensure authenticity. Has anyone seen or developed such a solution? Or how have you made compliance?"

2 of 381 comments (clear)

Min score:

Reason:

Sort:

Syslog by cerberusss · 2007-07-31 18:30 · Score: 0, Offtopic

Good old syslog comes to the rescue. Besides logging locally to disk, also add a line to /etc/syslog.conf to log to a remote machine. That's probably enough read-only for you.

Don't thank me until you've seen the bill.

--
8 of 13 people found this answer helpful. Did you?
Use Tolven by wilros · 2007-07-31 20:21 · Score: 0, Offtopic

http://sourceforge.net/projects/tolven