Security Event Logging

A service overview and catalog of Security Event Logging provided by the UC Berkeley IT Service Hub.

Description

The Security Event Logging service provides centralized ingestion, storage, and analysis of security relevant logs for eligible protected data applications. The service helps system owners meet MSSEI requirements for audit logging and analysis by identifying security threats in real-time and providing the historical data necessary for forensic investigations.

Benefits & Features

Allows technical contacts to respond immediately to advanced threats before they cause serious damage or data loss.
Provides a comprehensive view of security incidents that isolated logs might miss.
Enables security analysts to detect if a system is currently being probed for an attack or has been successfully compromised.

Getting Started

Please email security-logs@berkeley.edu if you support systems and applications involving UC P4 data and you would like to get started with our Log Correlation services.

Service Details

Eligibility	This service is available to Faculty, Staff, Students, Researchers, and Affiliates using University-owned devices classified as Protection Level 4, Protection Level 3, or Availability Level 4.
Contact	Technical Support: For troubleshooting or reporting a service interruption, please submit a support ticket online or email security-logs@berkeley.edu.
Availability	Available 24/7. Support is provided Monday–Friday, 8:00 AM – 5:00 PM PT, excluding University holidays and curtailment periods.
Cost	There are no direct costs associated with this service.
Data Classification	This service is rated for P4 and A3 data. Recovery Level not applicable. Compliance: Users are responsible for ensuring data handled within this service complies with the Data and IT Resource Classification Standards.