
How can I get access to event logs that are more than 30 days old?



We are a Tier-1 PCI-compliant organization. As such, we need to comply with the requirements in the PCI DSS v3.2.1. One of these requirements, 10.7, reads:

10.7 Retain audit trail history for at least one year, with a minimum of three months immediately available for analysis (for example, online, archived, or restorable from backup).

The event logs from Malwarebytes Endpoint Protection satisfy the requirements for what the logs need to contain, but I cannot figure out how to retrieve event logs that were generated any time before 30 days ago. I can solve this issue by periodically retrieving event logs and storing the details in our log aggregation service, but in the meantime we have a gap of access to logs from approximately February 19th, 2021 to September 6th, 2021. How can I get access to these event logs so that I can at least add them to our log aggregator for long-term storage?

One of the reasons we migrated from Sophos to Malwarebytes was our understanding that Malwarebytes retains audit logs for at least one year and makes them available for analysis. Please help!

John Firman
