Organizations are turning to logs to provide a continuous trail of everything that happens with their IT systems and, more importantly, with their data. If a disgruntled employee with an intent to steal data accesses a database containing confidential information, there would likely be a log of that activity that someone could review to determine the who, what and when. Routine log reviews and in-depth analysis of stored logs are beneficial for identifying security incidents, policy violations, fraudulent activity and operational problems shortly after they have occurred, as well as for providing information useful for resolving such problems. Given the inherent benefits of log management, it is not surprising that log data collection and analysis is generally considered a security industry “best practice.” Some of these regulations rely on National Institute of Standards and Technology Computer Security Special Publications (NIST SP) to delineate the detailed logging requirements.