• Our team is looking to connect with folks who use email services provided by Plesk, or a premium service. If you'd like to be part of the discovery process and share your experiences, we invite you to complete this short screening survey. If your responses match the persona we are looking for, you'll receive a link to schedule a call at your convenience. We look forward to hearing from you!
  • We are looking for U.S.-based freelancer or agency working with SEO or WordPress for a quick 30-min interviews to gather feedback on XOVI, a successful German SEO tool we’re looking to launch in the U.S.
    If you qualify and participate, you’ll receive a $30 Amazon gift card as a thank-you. Please apply here. Thanks for helping shape a better SEO product for agencies!
  • The BIND DNS server has already been deprecated and removed from Plesk for Windows.
    If a Plesk for Windows server is still using BIND, the upgrade to Plesk Obsidian 18.0.70 will be unavailable until the administrator switches the DNS server to Microsoft DNS. We strongly recommend transitioning to Microsoft DNS within the next 6 weeks, before the Plesk 18.0.70 release.
  • The Horde component is removed from Plesk Installer. We recommend switching to another webmail software supported in Plesk.

Issue NIS2 and logs, what to keep for how long?

Linulex

Linulex

Silver Pleskian
Server operating system version
alma 8.10
Plesk version and microupdate number
18.0.64 #1
I know that for NIS2 you have to save logs with login and dns data off-server for safe keeping, but what logs exactly do i need to safe?

I know these logs have login data:
- /var/log/pleskactions (exported plesk log as per plesk nis2 manual)
- /var/log/secure
- /var/log/maillog

Do i miss something, and are these needed? Is it mandatory to keep maillogs for that long? Doesnt that breach privacy?

And for how log do i need to keep them? I read 18 months somewhere, is this correct?

Regards
Jan
 
Data retention is still prohibited by GDPR. Long-term storage of log files is no required, neither allowed. Could you please refer the location in the NIS2 documents where you read that logs must be saved?
 
According to this its 18 months, but 18 months seems a very long time, hence my question.

NIS2 EN - TeskaLabs LogMan.io

This is a pan-European piece of legislation on cyber security. It aims to achieve a high level of cyber security in all EU Member States.
logman.io logman.io

Obligation to store logs of all systems and IT infrastructure​


The directive also requires the storage of logs from all systems and IT infrastructure and their subsequent storage in an unalterable form for at least 18 months.
Click to expand...

And according to Plesk in the documentation

docs.plesk.com

Copying Plesk Action Log Records to an External Server

Logs are the most fundamental way to determine user, system, and application activity on a network. If an attacker ha...
docs.plesk.com docs.plesk.com

In compliance with the NIS2 directive, organizations must guarantee that logs are complete, accurate, and safeguarded against any unauthorised modifications or disruptions.To protect logs and make your Plesk server NIS2 compliant, you need to configure Plesk to send a copy of Plesk Action Log records to an external log server.
Click to expand...


Regards
Jan
 
Thank you. That source says:
  • "The directive also requires the storage of logs from all systems and IT infrastructure and their subsequent storage in an unalterable form for at least 18 months."
But where in the EU docs is this written? I must have missed that.

Plus, in Germany, the EU regulation has not yet been put into a law.

I am not saying, the storage requirement was false information, but maybe it is meant for specific cases. For that reason it will be best to find out where this requirement is formulated in the original source and what the context is.
 
If external storage is not needed, why would Plesk invest resources so that the action log can be handled by rsyslog and why would Plesk create a whole support page on it and why would Plesk say it is mandatory? I presume Plesk has looked it up.

To protect logs and make your Plesk server NIS2 compliant, you need to configure Plesk to send a copy of Plesk Action Log records to an external log server.
Click to expand...

I know it is not yet law, but it should have been

ec.europa.eu

New rules to boost cybersecurity of EU's critical entities and networks

The Commission has adopted today the first implementing rules on cybersecurity of critical entities and networks under the Directive on measures for high common level of cybersecurity across the Union (NIS2 Directive).
ec.europa.eu ec.europa.eu

Today's adoption of the implementing regulation coincides with the deadline for Member States to transpose the NIS2 Directive into national law. As of tomorrow, 18 October 2024, all Member States must apply the measures necessary to comply with the NIS2 cybersecurity rules, including supervisory and enforcement measures.
Click to expand...

if i am correct, it will become law in the netherlands "somewhere in 2025"

regards
Jan
 
You must log in or register to reply here.

Similar threads

O
Question vhosts: Log files are rebuilt
Replies
3
Views
750
ollibraun
O
mapodec
Resolved Emails sent from Plesk accounts are not delivering only to Google Workspace
Replies
2
Views
616
mapodec
mapodec
B
Issue Remote Backup to Microsoft OneDrive Error
2 3
Replies
58
Views
7K
thilo72
T
K
Resolved Plesk panel update fails with "certificate has expired"
Replies
3
Views
525
Sebahat.hadzhi
Sebahat.hadzhi
M
Question Issue with plesk backup manager and backups are taking long and not completing
Replies
0
Views
761
maximus99
M
Back
Top