Improving Investigative and Remediation Capabilities (Sec. 8)
The Office of Management and Budget’s M-21-31 mandates a maturity model for event log management. At a high level, the memo prescribes an enterprise logging maturity model with four levels (EL0-EL3) and sets a deadline for achieving each level. Each successive level is more demanding: it requires more data sources and longer retention, and eventually the implementation of UBA and SOAR capabilities.
- Watch the on-demand webinar to learn how Splunk can help your organization meet the EL2 Intermediate Tier capabilities required within 18 months.