CERT-IN

Why you need log management and Incident monitoring

The Indian Computer Emergency Response Team (CERT-In) issued new mandatory cyber security directions on 28 April 2022, under sub-section (6) of section 70B of the IT Act, 2000, applicable to all service providers, intermediaries, data centres, body corporate and Government organizations. Failure to furnish the information called for, or non-compliance with these directions, may invite punitive action under sub-section (7) of section 70B of the IT Act, 2000, and other laws as applicable.


180-day log retention

All service providers, intermediaries, data centres, body corporate and Government organizations must enable logging on all their ICT systems and retain those logs securely for a rolling period of 180 days, and the logs must be maintained within Indian jurisdiction.

Typical log sources to enable and retain:

Security infrastructure
  • Endpoint protection (EDR, AV)
  • Firewalls
  • Active Directory
  • Web Proxy
  • Network IDS / IPS
  • Authentication
  • DLP solution

Network infrastructure
  • Routers (via syslog server)
  • Switches (via syslog server)

Server infrastructure
  • Windows server
  • Linux server
  • Web server
  • DNS server

IaaS
  • AWS
  • Azure
  • GCP

6-hour reporting of cybersecurity events

Any service provider, intermediary, data centre, body corporate or Government organization shall report the cyber incidents listed in Annexure I of the directions to CERT-In within 6 hours of noticing such incidents or of being brought to notice about them.
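The two obligations above (180-day rolling retention per log source, and a 6-hour reporting clock that starts when the incident is noticed) are easy to state and easy to quietly fall out of. The following is an added example, not Positka's or CERT-In's code, of a check a practitioner can run against whatever the log platform reports about each source. The source names are the ones listed on this page; the one-hour "stale ingestion" threshold, the sample inventory and the timestamps are constructed for the example.

```python
"""Added example (not Positka's or CERT-In's code): a retention and
reporting-window check for the two CERT-In obligations described above."""
from datetime import datetime, timedelta, timezone

# Log sources listed on the page. Grouping them into one set is ours.
REQUIRED_SOURCES = frozenset({
    "Endpoint protection (EDR, AV)", "Firewalls", "Active Directory", "Web Proxy",
    "Network IDS / IPS", "Authentication", "DLP solution",
    "Windows server", "Linux server", "Web server", "DNS server",
    "AWS", "Azure", "GCP",
    "Routers (via syslog server)", "Switches (via syslog server)",
})
RETENTION = timedelta(days=180)       # rolling window required by the directions
REPORT_WINDOW = timedelta(hours=6)    # measured from noticing the incident
MAX_INGEST_LAG = timedelta(hours=1)   # assumption: treat a source quiet this long as broken


def retention_findings(inventory, now, required=REQUIRED_SOURCES,
                       retention=RETENTION, max_lag=MAX_INGEST_LAG):
    """Compare what the log platform holds against the 180-day requirement.

    inventory maps source name -> (oldest_event, newest_event, onboarded_at),
    all timezone-aware datetimes. Returns a list of (source, code, detail)
    sorted by source name:
      missing - no logs from a required source at all
      stale   - the source has logs but nothing recent: collection has broken
      short   - the source was onboarded at least 180 days ago but holds less
    A source onboarded less than 180 days ago is still accumulating history
    and is deliberately not reported as 'short'.
    """
    findings = []
    for src in sorted(required):
        rec = inventory.get(src)
        if rec is None:
            findings.append((src, "missing", "no logs collected"))
            continue
        oldest, newest, onboarded = rec
        if now - newest > max_lag:
            findings.append((src, "stale", f"last event {now - newest} ago"))
        covered = now - oldest
        if covered < retention and now - onboarded >= retention:
            findings.append((src, "short",
                             f"{covered.days} days retained, need {retention.days}"))
    return findings


def report_deadline(noticed_at, window=REPORT_WINDOW):
    """Latest time the incident may be reported to CERT-In."""
    return noticed_at + window


def report_is_late(noticed_at, reported_at, window=REPORT_WINDOW):
    """True if the report went out after the 6-hour window closed."""
    return reported_at > report_deadline(noticed_at, window)


def demo():
    now = datetime(2024, 1, 15, 9, 0, tzinfo=timezone.utc)
    ago = lambda **kw: now - timedelta(**kw)
    # Constructed sample inventory, not real telemetry.
    inventory = {
        "Firewalls": (ago(days=200), ago(minutes=10), ago(days=400)),       # compliant
        "Active Directory": (ago(days=90), ago(minutes=5), ago(days=300)),  # short
        "Windows server": (ago(days=30), ago(minutes=2), ago(days=30)),     # still accumulating
        "DNS server": (ago(days=181), ago(hours=3), ago(days=500)),         # stale
    }
    # Every other required source is healthy, except the routers, which are absent.
    for src in REQUIRED_SOURCES - set(inventory):
        if src != "Routers (via syslog server)":
            inventory[src] = (ago(days=181), ago(minutes=1), ago(days=365))
    findings = retention_findings(inventory, now)
    for src, code, detail in findings:
        print(f"{code:8} {src}: {detail}")
    noticed = datetime(2024, 1, 15, 3, 20, tzinfo=timezone.utc)
    deadline = report_deadline(noticed)
    print("report by", deadline.isoformat())
    return {
        "findings": findings,
        "deadline": deadline.isoformat(),
        "late_if_reported_at_0930": report_is_late(noticed, noticed + timedelta(hours=6, minutes=10)),
        "late_if_reported_at_0900": report_is_late(noticed, noticed + timedelta(hours=5, minutes=40)),
    }


if __name__ == "__main__":
    demo()
```

Run daily from the log platform's own inventory (oldest and newest event per index or source) and treat any "missing" or "stale" finding as an incident in its own right: a source that stopped sending logs three months ago will not have 180 days of history when an auditor, or CERT-In, asks for it.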

Types of cyber security incidents that must be reported
  • Compromise of critical systems/information
  • Unauthorised access of IT systems/data
  • Defacement of website or intrusion into a website and unauthorised changes such as inserting malicious code, links to externa
  • Attack on servers such as Database, Mail and DNS and network devices such as Routers
  • Identity Theft, spoofing and phishing attacks
  • Denial of Service (DoS) and Distributed Denial of Service (DDoS) attacks
  • Attacks on Critical infrastructure, SCADA and operational technology systems and Wireless networks
  • Attacks on Applications such as E-Governance, E-Commerce etc.
  • Data Breach
  • Data Leak
  • Attacks on Internet of Things (IoT) devices and associated systems, networks, software, servers
  • Attacks or incidents affecting Digital Payment systems
  • Unauthorised access to social media accounts
  • Attacks or malicious/suspicious activities affecting Cloud computing systems/servers/software/applications
  • Attacks or malicious/suspicious activities affecting systems/servers/networks/software/applications related to Big Data, Block chain, virtual assets, virtual asset exchanges, custodian wallets, Robotics, 3D and 4D Printing, additive manufacturing, Drones

Essentials

Log Management

Meet the 180-day rolling logs requirement

A complete Log Management Solution:

  • Leverage a Gartner leading platform, utilized by 90+ customers of the global Fortune 500
  • Take advantage of flexible deployment options (on-premise or SaaS)
  • Attractive pricing to fit your budget
  • Fast time to value: be compliant in as little as 2-3 weeks

Advanced

Log Management + Security Analytics

Meet the incident monitoring requirement

Everything in Essentials, plus:

  • Deploy robust security rules to operate on integrated log data
  • Generate alerts and notifications in case of potential incidents
  • Leverage powerful dashboarding and querying capabilities for investigation
  • Make use of integrated ticketing capabilities for incident management

Premium

Log Management + Security Analytics + IT Operations Analytics (ITOA)

Get maximal ROI on log management investment

Everything in Advanced, plus:

  • Deploy Windows / Linux server monitoring use cases
  • Deploy app / web / database server monitoring use cases
  • Deploy network device monitoring use cases
  • Deploy AWS / Azure / GCP monitoring use cases, and much more
