Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

How long to retain an archive of web server traffic logs?

Tags:

logging

iis

We've currently got four web servers in a farm generating IIS web logs about 100Mb per day. These can be compressed pretty effieciently down to somewhere around 5% of their size.

We are planning to use waRmZip to move them off the servers and onto a SAN. After a week or so we can be confident we don't have any technical issues to investigate so the only other thing would be using them for trend analysis as a compliment to Google Analytics.

What retention periods do people recommend? Are there any legal requirements to keep this data?

like image 735
Dave Anderson Avatar asked Oct 16 '08 11:10

Dave Anderson


People also ask

How long are webserver logs archived?

A log file is a file in which system processes and events are saved. The log files are stored for two weeks according to the GDPR.

How long should I keep log files?

Current guidelines require that organizations retain all security incident reports and logs for at least six years.


2 Answers

Legal requirements will depend on your country, how much you're logging, and quite possibly the nature of your business. Talk to your company's lawyers - legal advice on SO is likely to be worth what you pay for it.

If you're only storing 5MB per day, you should be able to store them for basically as long as you want without worrying on the technical front.

like image 80
Jon Skeet Avatar answered Oct 10 '22 00:10

Jon Skeet


Please consider the sensitivity of your web log data as well. I have no idea whether access to your web apps would be considered sensitive if made public, but you need to realize that your web logs contain the necessary information to potentially identify individuals (esp. in conjunction with other information available elsewhere). Your privacy policies should reflect how long you retain these logs and what purposes to which they will be put. Google, I think, recently decided to anonymize their logs after 9 months to help protect user privacy. Granted, their situation is a little different since they collect so much information, but you need to consider your customer's needs as well as your own when determining how long and in what form to keep your logs.

like image 38
tvanfosson Avatar answered Oct 10 '22 01:10

tvanfosson