Traceability and security logging
Centralised logging in security-sensitive systems involves an enhanced risk of attacks. To reduce the risks, a solution is needed that protects both log data and all connected systems.
Most IT systems generate logs that enable troubleshooting and traceability. To benefit the most from such logs, it is important to combine logs from as many systems as possible in one chronological list.
If you have security-sensitive or zoned systems and want to implement centralised logging, you need to resolve an inherent goal conflict. Logging benefits from having one shared system for all zones/subsystems, but a shared system also increases the risk of attacks.