• We value your experience with Plesk during 2024
    Plesk strives to perform even better in 2025. To help us improve further, please answer a few questions about your experience with Plesk Obsidian 2024.
    Please take this short survey:

    https://pt-research.typeform.com/to/AmZvSXkx
  • The Horde webmail has been deprecated. Its complete removal is scheduled for April 2025. For details and recommended actions, see the Feature and Deprecation Plan.
  • We’re working on enhancing the Monitoring feature in Plesk, and we could really use your expertise! If you’re open to sharing your experiences with server and website monitoring or providing feedback, we’d love to have a one-hour online meeting with you.

Issue NIS2 and logs, what to keep for how long?

Linulex

Silver Pleskian
Server operating system version
alma 8.10
Plesk version and microupdate number
18.0.64 #1
I know that for NIS2 you have to save logs with login and dns data off-server for safe keeping, but what logs exactly do i need to safe?

I know these logs have login data:
- /var/log/pleskactions (exported plesk log as per plesk nis2 manual)
- /var/log/secure
- /var/log/maillog

Do i miss something, and are these needed? Is it mandatory to keep maillogs for that long? Doesnt that breach privacy?

And for how log do i need to keep them? I read 18 months somewhere, is this correct?

Regards
Jan
 
Data retention is still prohibited by GDPR. Long-term storage of log files is no required, neither allowed. Could you please refer the location in the NIS2 documents where you read that logs must be saved?
 
According to this its 18 months, but 18 months seems a very long time, hence my question.


Obligation to store logs of all systems and IT infrastructure​


The directive also requires the storage of logs from all systems and IT infrastructure and their subsequent storage in an unalterable form for at least 18 months.

And according to Plesk in the documentation


In compliance with the NIS2 directive, organizations must guarantee that logs are complete, accurate, and safeguarded against any unauthorised modifications or disruptions.To protect logs and make your Plesk server NIS2 compliant, you need to configure Plesk to send a copy of Plesk Action Log records to an external log server.


Regards
Jan
 
Thank you. That source says:
  • "The directive also requires the storage of logs from all systems and IT infrastructure and their subsequent storage in an unalterable form for at least 18 months."
But where in the EU docs is this written? I must have missed that.

Plus, in Germany, the EU regulation has not yet been put into a law.

I am not saying, the storage requirement was false information, but maybe it is meant for specific cases. For that reason it will be best to find out where this requirement is formulated in the original source and what the context is.
 
If external storage is not needed, why would Plesk invest resources so that the action log can be handled by rsyslog and why would Plesk create a whole support page on it and why would Plesk say it is mandatory? I presume Plesk has looked it up.

To protect logs and make your Plesk server NIS2 compliant, you need to configure Plesk to send a copy of Plesk Action Log records to an external log server.

I know it is not yet law, but it should have been


Today's adoption of the implementing regulation coincides with the deadline for Member States to transpose the NIS2 Directive into national law. As of tomorrow, 18 October 2024, all Member States must apply the measures necessary to comply with the NIS2 cybersecurity rules, including supervisory and enforcement measures.

if i am correct, it will become law in the netherlands "somewhere in 2025"

regards
Jan
 
Back
Top