The invention relates generally to computer data, and in particular, to securing computer log files.
In information technology (IT) environments comprising computing and networking systems, log files are normally secured using Access Control Lists (ACLs) that restrict access to them. Though ACLs are intended to make it more difficult for attackers to tamper with log files and cover their tracks, ACLs cannot guarantee against such tampering. Tampering with the log files includes removal of items, modification of items, or both. Further, though the number of individuals who can manipulate the log files may be reduced as much as possible, access to highly trusted accounts by individuals such as administrators is still required. At a minimum, there is always privileged access to log files, which may lead to tampering with the log files.