Details
Log retention should be reviewed to ensure logs are available to troubleshoot issues and investigate incidents. FireEye can rotate logs based on log size, size as a percentage of the /var partition, or a set period of time.
Solution
Determine what works best based on your log generation, device capabilities, and organizational standards. Edit the configuration and add or modify these lines:
logging files rotation criteria frequency
logging files rotation criteria [size
logging files rotation max-num
This security hardening control applies to the following category of controls within NIST 800-53: Audit and Accountability. This control applies to the following type of system: FireEye.