Log absence results in blind spots in your infrastructure and potentially leaves you vulnerable to threats. Log management at scale is now a core discipline of security operations in the cloud. Effective log management needs to address two key questions: Which logs to store and how, and How to analyze log data effectively. Logs should be stored for more than three months, but not for the sake of saving them or with an ambiguous plan to use them in the future is time consuming and returns low value. A single log might not give you much information about what happened, why it happened and whether it’s OK that it happened. But if you add to the log other pieces of data that will give it context and make more sense of it, the work of security will look totally different and”]
Source: https://www.csoonline.com/article/3271067/don-t-fall-off-the-log.html