inSight Logging

Failure to retain key infrastructure logs can result in both compliance fines and gaps in your security posture. Trestle Networks’ inSight Logging services are essential for meeting the compliance and short/long-term security requirements for your business.

Key Features

●      Syslog-based event collection for applications, servers, endpoints, firewalls, switches, Wi-Fi access points and other infrastructure

●      366-day retention in US-based Azure cloud storage

●      Meets compliance requirements described in multiple compliance standards including CJIS, HIPAA and PCI-DSS

●      Integrates with separately purchased Managed Network Services for real-time monitoring of network infrastructure login attempts and specific forwarded traffic

●      Retrieval and analysis of log events, as requested

HIPAA

WHAT YOU MUST LOG

  • Access to ePHI (logons/logoffs, file access)

  • Changes to user privileges or system security settings

  • Audit log enable/disable actions

  • Any detectable security events

MINIMUM RETENTION PERIOD

  • 6 years (federal baseline; longer if required by state law or contract) 

REVIEW & MONITORING REQUIREMENTS

  • Periodic review of system activity logs (frequency based on risk analysis)


PCI-DSS 3.2

WHAT YOU MUST LOG

  • Individual user access to cardholder data

  • Actions by privileged/root users

  • Invalid access attempts

  • Use of audit log functions

  • Creation/deletion of system objects

  • Security event changes (e.g., firewall rules, IDS config)

MINIMUM RETENTION PERIOD

  • 1 year

  • With at least 3 months immediately available online

REVIEW & MONITORING REQUIREMENTS

  • Daily review (automated tools permitted) of logs from all in-scope systems and critical security components


CJIS

WHAT YOU MUST LOG

  • User logons/logoffs

  • Privileged operations

  • Changes to access controls or security configurations

  • All defined auditable events on systems handling CJI

MINIMUM RETENTION PERIOD

  • Minimum 1 year (longer if required by agency policy or statute)

REVIEW & MONITORING REQUIREMENTS

  • Periodic review (frequency defined by agency risk assessment)

  • Real-time alerting for certain events