{"id":3784,"date":"2025-05-07T14:04:49","date_gmt":"2025-05-07T12:04:49","guid":{"rendered":"https:\/\/logmanager.com\/?p=3784"},"modified":"2026-05-14T11:35:24","modified_gmt":"2026-05-14T09:35:24","slug":"jak-na-logovani-typy-logu-zdroje-co-logovat","status":"publish","type":"post","link":"https:\/\/logmanager.com\/cs\/blog\/log-management\/jak-na-logovani-typy-logu-zdroje-co-logovat\/","title":{"rendered":"How to Approach Logging? Log Types, Sources and What You Should Log"},"content":{"rendered":"\n<p>Logs are a key tool for managing and securing an IT environment. In this article we explain what logs are, what the basic log types are, what should be logged and which sources to collect logs from, so that logging can be used effectively to keep the organization running smoothly.<\/p>\n\n\n<div class=\"flex items-start gap-4 lg:gap-6 bg-white rounded-2xl lg:rounded-24 p-6 pr-8 lg:p-8 lg:pr-10 my-6 lg:my-10\">\n            <div class=\"flex-shrink-0 size-7\">\n            <svg width=\"28\" height=\"28\" viewBox=\"0 0 28 28\" fill=\"none\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\">\n                <g clip-path=\"url(#clip0_2972_5339)\">\n                <path d=\"M14.0025 28.0049C21.7358 28.0049 28.0049 21.7358 28.0049 14.0025C28.0049 6.26912 21.7358 0 14.0025 0C6.26912 0 0 6.26912 0 14.0025C0 21.7358 6.26912 28.0049 14.0025 28.0049Z\" fill=\"#00E24A\"\/>\n                <path d=\"M12.9659 20V11.2727H15.3864V20H12.9659ZM14.1818 10.1477C13.822 10.1477 13.5133 10.0284 13.2557 9.78977C13.0019 9.54735 12.875 9.25758 12.875 8.92045C12.875 8.58712 13.0019 8.30114 13.2557 8.0625C13.5133 7.82008 13.822 7.69886 14.1818 7.69886C14.5417 7.69886 14.8485 7.82008 15.1023 8.0625C15.3598 8.30114 15.4886 8.58712 15.4886 8.92045C15.4886 9.25758 15.3598 9.54735 15.1023 9.78977C14.8485 10.0284 14.5417 10.1477 14.1818 10.1477Z\" 
fill=\"white\"\/>\n                <\/g>\n                <defs>\n                <clipPath id=\"clip0_2972_5339\">\n                <rect width=\"28\" height=\"28.0049\" fill=\"white\"\/>\n                <\/clipPath>\n                <\/defs>\n            <\/svg>\n        <\/div>\n    \n    <div class=\"infobox-content leading-normal\"><p><strong>TL;DR<\/strong><\/p>\n<p>Logs record events generated by operating systems, applications, network devices, clouds, security tools and other tools. They let IT teams monitor operations, uncover problems and analyze security incidents.<\/p>\n<p>An effective logging strategy consists of collecting logs from various sources and correctly selecting the events that have real value for the organization's operations, security and compliance.<\/p>\n<p>Logging itself needs to be centralized with a log management tool so that the logs can be worked with further, for example to create alerts on undesirable events, analyze incidents or store logs long-term in secure storage to meet regulatory requirements.<\/p>\n<\/div>\n<\/div>\n\n\n\n<p><\/p>\n\n\n\n<h2 class=\"wp-block-heading\">What are logs?<\/h2>\n\n\n\n<p>Logs are structured digital records of states and events generated by every part of the IT environment, from operating systems through applications to network and security components. 
Logs allow IT administrators to track system behavior in detail, identify deviations from normal operation and detect security or operational incidents in time.<\/p>\n\n\n\n<p><\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"600\" src=\"https:\/\/logmanager.com\/wp-content\/uploads\/2025\/03\/raw-log-example-1024x600.png\" alt=\"raw log example log management\" class=\"wp-image-3507\" srcset=\"https:\/\/logmanager.com\/wp-content\/uploads\/2025\/03\/raw-log-example-1024x600.png 1024w, https:\/\/logmanager.com\/wp-content\/uploads\/2025\/03\/raw-log-example-300x176.png 300w, https:\/\/logmanager.com\/wp-content\/uploads\/2025\/03\/raw-log-example-768x450.png 768w, https:\/\/logmanager.com\/wp-content\/uploads\/2025\/03\/raw-log-example-1536x900.png 1536w, https:\/\/logmanager.com\/wp-content\/uploads\/2025\/03\/raw-log-example-2048x1201.png 2048w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<p class=\"has-sm-font-size\"><em>Fig. 1: An example of what a log can look like in its original text form (syslog format).<\/em><\/p>\n\n\n\n<p>Logging gives administrators important information for managing, monitoring and securing the IT environment. Typically collected logs include, for example:<\/p>\n\n\n\n<p><strong>\u2192<\/strong> <strong>System logs: <\/strong>Provide an overview of how operating systems are running. 
They should contain information about service starts and stops, system errors, updates and configuration changes.<\/p>\n\n\n\n<p><strong>\u2192<\/strong> <strong>Application logs:<\/strong> Provide details about application behavior, including errors, warnings, successful or failed connection attempts and application-specific events.<\/p>\n\n\n\n<p><strong>\u2192<\/strong> <strong>Security logs: <\/strong>Should include data on user logins and logouts, unauthorized access attempts, permission changes, and detection of malware or unusual activity.<\/p>\n\n\n\n<p><strong>\u2192<\/strong> <strong>Network logs:<\/strong> Track communication between devices on the network and may contain information about intrusion attempts, changes to firewall settings or VPN activity.<\/p>\n\n\n\n<p><strong>\u2192<\/strong> <strong>Logs from firewalls, IDS\/IPS and other security devices:<\/strong> Records of failed connection attempts, exploit attempts and tracking of suspicious activity.<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"863\" src=\"https:\/\/logmanager.com\/wp-content\/uploads\/2025\/11\/syslog-analyzer-logmanager-ui-1024x863.png\" alt=\"syslog analyzer logmanager dashboard\" class=\"wp-image-4987\" srcset=\"https:\/\/logmanager.com\/wp-content\/uploads\/2025\/11\/syslog-analyzer-logmanager-ui-1024x863.png 1024w, 
https:\/\/logmanager.com\/wp-content\/uploads\/2025\/11\/syslog-analyzer-logmanager-ui-300x253.png 300w, https:\/\/logmanager.com\/wp-content\/uploads\/2025\/11\/syslog-analyzer-logmanager-ui-768x647.png 768w, https:\/\/logmanager.com\/wp-content\/uploads\/2025\/11\/syslog-analyzer-logmanager-ui-1536x1294.png 1536w, https:\/\/logmanager.com\/wp-content\/uploads\/2025\/11\/syslog-analyzer-logmanager-ui.png 1612w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<p class=\"has-sm-font-size\"><em>Fig. 2: Centralized log management tools aggregate logs from various systems, applications, infrastructure and security solutions, interpreting the information in the original raw data and displaying it in an understandable form. <em>Here, a dashboard showing authentication events across the organization.<\/em> (Logmanager)<\/em><\/p>\n\n\n\n<p><\/p>\n\n\n\n<p><em><strong>Note:<\/strong><\/em><\/p>\n\n\n\n<p><em>Every device, service or application logs events a little differently. In other words, it is common for each device\/system\/application vendor to build its message (log) in a different way, that is, with different fields and differently described event records. 
Logging also happens in various formats, the most common being <a href=\"https:\/\/logmanager.com\/cs\/blog\/log-management\/co-je-syslog\/\" data-type=\"link\" data-id=\"https:\/\/logmanager.com\/cs\/blog\/log-management\/co-je-syslog\/\">syslog<\/a> (which again can take different forms depending on the source), JSON, CEF and LEEF.<\/em><\/p>\n\n\n\n<h2 class=\"wp-block-heading\">What should be logged<\/h2>\n\n\n\n<p>Effective logging rests not only on collecting data but also on choosing the right information. What is logged determines how quickly IT teams can respond to an incident, uncover an error or trace unwanted changes in a system.<\/p>\n\n\n\n<p>It is therefore essential to focus on events that have a real impact on the security, availability and management of the IT environment.<\/p>\n\n\n\n<p>The most important ones include, for example, user activity, configuration changes, error states and network communication. 
These records form the basis for the audit trail, threat detection and proactive system maintenance.<\/p>\n\n\n\n<p>To give a better idea, here are some specific types of events that should not be missing from properly configured logging.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\"><strong>Security and threat detection<\/strong><\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>User access:<\/strong>&nbsp;Records of who logged in and when, including IP addresses, authentication methods and information about access to specific resources. Especially important for administrator or privileged accounts.<\/li>\n\n\n\n<li><strong>Failed login attempts:<\/strong>&nbsp;Logs reporting failed login attempts with timestamps, usernames and source IP addresses. 
Important for detecting brute-force attacks or credential abuse.<\/li>\n\n\n\n<li><strong>Permission changes:<\/strong>&nbsp;Logs recording events in which user roles or permissions change, or in which users switch to a mode with higher privileges.<\/li>\n\n\n\n<li><strong>Blocked connections:<\/strong>&nbsp;Logs of traffic blocked by a firewall, WAF or endpoints when communicating with known malicious IP addresses or domains.<\/li>\n\n\n\n<li><strong>Unusual data access:<\/strong>&nbsp;Monitor attempts to access protected files, databases or APIs \u2013 especially outside normal behavior patterns.<\/li>\n<\/ul>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"679\" src=\"https:\/\/logmanager.com\/wp-content\/uploads\/2025\/05\/MS365-Admin-Action-log-file-1024x679.png\" alt=\"MS365 Admin Action log file\" class=\"wp-image-3862\" srcset=\"https:\/\/logmanager.com\/wp-content\/uploads\/2025\/05\/MS365-Admin-Action-log-file-1024x679.png 1024w, https:\/\/logmanager.com\/wp-content\/uploads\/2025\/05\/MS365-Admin-Action-log-file-300x199.png 300w, https:\/\/logmanager.com\/wp-content\/uploads\/2025\/05\/MS365-Admin-Action-log-file-768x509.png 768w, https:\/\/logmanager.com\/wp-content\/uploads\/2025\/05\/MS365-Admin-Action-log-file.png 1081w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<p class=\"has-sm-font-size\"><em>Fig. 3: Example of a log reporting an administrator action in MS365. 
The IT administrator modified mail forwarding rules, which may indicate a misconfiguration or, in the worse case, a malicious insider or a compromised account. Such behavior represents a potential risk of data leakage. (Simplified log<\/em> record)<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"680\" src=\"https:\/\/logmanager.com\/wp-content\/uploads\/2025\/05\/VPN-Login-log-file-1024x680.png\" alt=\"VPN Login log file\" class=\"wp-image-3866\" srcset=\"https:\/\/logmanager.com\/wp-content\/uploads\/2025\/05\/VPN-Login-log-file-1024x680.png 1024w, https:\/\/logmanager.com\/wp-content\/uploads\/2025\/05\/VPN-Login-log-file-300x199.png 300w, https:\/\/logmanager.com\/wp-content\/uploads\/2025\/05\/VPN-Login-log-file-768x510.png 768w, https:\/\/logmanager.com\/wp-content\/uploads\/2025\/05\/VPN-Login-log-file.png 1081w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<p class=\"has-sm-font-size\"><em>Fig. 4: Log of a successful VPN login. The user successfully connected to the VPN using FortiClient. This information is key for auditing secure remote access and detecting unusual locations or login patterns.<\/em> <em>(Simplified log<\/em> record)<\/p>\n\n\n\n<h3 class=\"wp-block-heading\"><strong>IT operations and infrastructure monitoring<\/strong><\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>System health:<\/strong> Logs recording system state, such as CPU, memory and disk usage and hardware errors (e.g. 
RAID failure, overheating).<\/li>\n\n\n\n<li><strong>Service status:<\/strong>&nbsp;Log service starts, stops, crashes and restarts, and record return codes or error messages.<\/li>\n\n\n\n<li><strong>Device connections:<\/strong>&nbsp;Logs reporting devices that connect to or disconnect from the network, including MAC\/IP addresses and DHCP-related events.<\/li>\n\n\n\n<li><strong>Performance problems:<\/strong>&nbsp;Slow database queries, long response times or overloaded queues in background job processing systems.<\/li>\n\n\n\n<li><strong>Unusual network traffic:<\/strong>&nbsp;Record connections to unusual or foreign IP addresses, unknown ports or unexpected protocols.<\/li>\n<\/ul>\n\n\n\n<p><\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"740\" src=\"https:\/\/logmanager.com\/wp-content\/uploads\/2025\/05\/Cisco-switch-port-down-log-file-1024x740.png\" alt=\"Cisco switch port down log file\" class=\"wp-image-3860\" srcset=\"https:\/\/logmanager.com\/wp-content\/uploads\/2025\/05\/Cisco-switch-port-down-log-file-1024x740.png 1024w, https:\/\/logmanager.com\/wp-content\/uploads\/2025\/05\/Cisco-switch-port-down-log-file-300x217.png 300w, https:\/\/logmanager.com\/wp-content\/uploads\/2025\/05\/Cisco-switch-port-down-log-file-768x555.png 768w, https:\/\/logmanager.com\/wp-content\/uploads\/2025\/05\/Cisco-switch-port-down-log-file.png 1081w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<p class=\"has-sm-font-size\"><em>Fig. 
5: A log record showing that a port on a Cisco switch went down unexpectedly, probably due to flapping or a damaged cable.<\/em> <em>Such a record helps IT operations teams quickly identify physical-layer problems, hardware instability or disconnected devices.<\/em> <em>(Simplified log<\/em> record)<\/p>\n\n\n\n<h3 class=\"wp-block-heading\"><strong>IT compliance and audit<\/strong><\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Access to sensitive data:<\/strong>&nbsp;Record who viewed, modified or deleted personal, financial or regulated data.<\/li>\n\n\n\n<li><strong>Policy violations:<\/strong>&nbsp;Log events in which access rules were violated, for example logins outside working hours or from restricted geographic regions.<\/li>\n\n\n\n<li><strong>Audit trail of changes:<\/strong>&nbsp;Track who made changes to system configuration, security settings or user permissions, including timestamps and original vs. 
new values.<\/li>\n\n\n\n<li><strong>Log integrity:<\/strong>&nbsp;Record events related to attempts to tamper with logs, deletion of log files or failure of the logging service itself.<\/li>\n<\/ul>\n\n\n\n<p><\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"740\" src=\"https:\/\/logmanager.com\/wp-content\/uploads\/2025\/05\/MS365-File-Deletion-log-file-1024x740.png\" alt=\"MS365 File Deletion log file\" class=\"wp-image-3864\" srcset=\"https:\/\/logmanager.com\/wp-content\/uploads\/2025\/05\/MS365-File-Deletion-log-file-1024x740.png 1024w, https:\/\/logmanager.com\/wp-content\/uploads\/2025\/05\/MS365-File-Deletion-log-file-300x217.png 300w, https:\/\/logmanager.com\/wp-content\/uploads\/2025\/05\/MS365-File-Deletion-log-file-768x555.png 768w, https:\/\/logmanager.com\/wp-content\/uploads\/2025\/05\/MS365-File-Deletion-log-file.png 1081w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<p class=\"has-sm-font-size\"><em>Fig. 6: File deletion in MS365. User h.bauer deleted a sensitive file from SharePoint Online. A log recording the deletion of sensitive files <em>is important for preventing data leakage and auditing access.<\/em> (Simplified log<\/em> record)<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Alerting for administrators and security managers<\/h2>\n\n\n\n<p>Timely and relevant notification of suspicious or unusual activity is essential for maintaining a secure and stable IT environment. 
Alerting allows administrators and security managers to react immediately to undesirable events.<\/p>\n\n\n\n<p>However, logs by themselves do not perform an alerting function. A <a href=\"https:\/\/logmanager.com\/cs\/reseni\/log-management\/\">log management tool<\/a> is needed that can create and send an alert based on defined rules.<\/p>\n\n\n\n<p>A properly configured alert system should then automatically detect and report, for example, unauthorized access attempts, changes to security settings, signs of malware or data leak attempts.&nbsp;<\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"759\" height=\"552\" src=\"https:\/\/logmanager.com\/wp-content\/uploads\/2025\/03\/port-scan-alert-log-analysis.png\" alt=\"port scan alert example log analysis\" class=\"wp-image-3542\" srcset=\"https:\/\/logmanager.com\/wp-content\/uploads\/2025\/03\/port-scan-alert-log-analysis.png 759w, https:\/\/logmanager.com\/wp-content\/uploads\/2025\/03\/port-scan-alert-log-analysis-300x218.png 300w\" sizes=\"auto, (max-width: 759px) 100vw, 759px\" \/><\/figure>\n\n\n\n<p class=\"has-sm-font-size\"><em>Fig. 
7: Example of an email alert notifying the administrator of a <a href=\"https:\/\/cs.wikipedia.org\/wiki\/Skenov\u00e1n\u00ed_port\u016f\" data-type=\"link\" data-id=\"https:\/\/cs.wikipedia.org\/wiki\/Skenov\u00e1n\u00ed_port\u016f\" target=\"_blank\" rel=\"noopener\">port scan<\/a>, that is, undesirable activity \/ a threat<\/em>.<\/p>\n\n\n\n<p>Automated alerts should be set up for critical events such as:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Unauthorized access attempts or configuration changes.<\/li>\n\n\n\n<li>A higher number of failed login attempts within a short period of time.<\/li>\n\n\n\n<li>Detection of malware or unknown files that can be executed.<\/li>\n\n\n\n<li>Changes to firewall settings or security rules.<\/li>\n\n\n\n<li>Evidence of an attempt to exfiltrate sensitive data.<\/li>\n<\/ul>\n\n\n\n<p>Just as important as detection itself, however, is defining alert severity levels. They need to be set correctly so that administrators receive only relevant notifications and are not flooded with false or non-escalating alerts.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Testing and validating logging<\/h2>\n\n\n\n<p>Regularly testing whether all important devices and applications are correctly configured is key to effective logging. 
At the same time, it is necessary to verify that the collected logs are sufficiently detailed, relevant and parsed (so that they can be filtered and searched).<\/p>\n\n\n\n<p>It is also advisable to run regular simulations and tests of how logging and alerting would respond in the event of attacks or breaches.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Protecting logs from tampering<\/h2>\n\n\n\n<p>As part of the logging setup, make sure that logs are stored in secure locations so that they cannot be misused, altered or even deleted. Stored data should be protected by access control tools (e.g. RBAC) and regular audits.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Log sources<\/h2>\n\n\n\n<p>The following text presents typical log sources along with examples of what needs to be logged. The most common sources of log data include:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Operating systems<\/li>\n\n\n\n<li>Applications<\/li>\n\n\n\n<li>Network devices and infrastructure<\/li>\n\n\n\n<li>Security devices<\/li>\n\n\n\n<li>Backup systems<\/li>\n\n\n\n<li>IoT and industrial devices<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">1. 
Operating systems (OS)<\/h3>\n\n\n\n<p><strong>Windows<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Event logs: Access attempts, failed logins, settings changes, software installation, error states, system events.<\/li>\n\n\n\n<li>Audit logs: Records of user access and of changes to permissions and groups.<\/li>\n<\/ul>\n\n\n\n<p><strong>Linux\/Unix&nbsp;<\/strong><\/p>\n\n\n\n<p>Depends on the specific distribution or version.<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>\/var\/log\/auth.log: User logins and logouts, SSH access, failed login attempts.<\/li>\n\n\n\n<li>\/var\/log\/syslog: System events, errors, warnings, configuration changes, status of system services.<\/li>\n\n\n\n<li>\/var\/log\/messages: Error messages and system events.<\/li>\n\n\n\n<li>\/var\/log\/secure: Security events, including attempts to gain access to system resources.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">2. 
Application logs<\/h3>\n\n\n\n<p><strong>Web servers<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Apache\/Nginx<\/li>\n<\/ul>\n\n\n\n<p>&#8211; access.log: Records of HTTP requests (IP addresses, URLs, times, status codes, user agents).<\/p>\n\n\n\n<p>&#8211; error.log: Errors, warnings, failed requests, configuration problems.<\/p>\n\n\n\n<p><strong>Databases<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>MySQL\/PostgreSQL<\/li>\n<\/ul>\n\n\n\n<p>&#8211; error.log: Connection errors, problems with SQL queries, warnings about performance problems.<\/p>\n\n\n\n<p>&#8211; general.log: Records of all SQL queries (if enabled), which is useful for auditing and detecting SQL injection.<\/p>\n\n\n\n<p><strong>Mail servers<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Sendmail, Postfix<\/li>\n<\/ul>\n\n\n\n<p>&#8211; mail.log: Received and sent emails, delivery attempts, delivery errors.<\/p>\n\n\n\n<p><strong>Application logs<\/strong><\/p>\n\n\n\n<p>&#8211; Error and exception logs: Records of errors during code execution, unexpected exceptions, incorrect application behavior.<\/p>\n\n\n\n<p>&#8211; Audit logs: Records of access to sensitive application functions or sensitive data.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">3. Network devices and infrastructure<\/h3>\n\n\n\n<p><strong>Firewalls (e.g. 
Fortigate, Cisco ASA, pfSense<\/strong>)<\/p>\n\n\n\n<p>&#8211; Connection logs: Connection attempts (successful and failed), blocked and allowed ports, changes to firewall settings.<\/p>\n\n\n\n<p>&#8211; Attack logs: Detection of DDoS attempts, port scanning, suspicious activity.<\/p>\n\n\n\n<p><strong>Intrusion Detection\/Prevention Systems (IDS\/IPS)<\/strong><\/p>\n\n\n\n<p>&#8211; Snort, Suricata: Alerts on attack detection, attempts to abuse vulnerabilities (e.g. SQL injection, cross-site scripting), exploitation attempts.<\/p>\n\n\n\n<p><strong>Load balancers and reverse proxy servers<\/strong><\/p>\n\n\n\n<p>&#8211; HAProxy, F5: Traffic distribution logs, records of traffic routing between servers, server outages, latency.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">4. Security devices<\/h3>\n\n\n\n<p><strong>VPN servers<\/strong><\/p>\n\n\n\n<p>&#8211; Connection logs: User logins and logouts, failed attempts, IP addresses, timestamps, encryption details (e.g. OpenVPN, Cisco AnyConnect).<\/p>\n\n\n\n<p><strong>Antivirus and antimalware systems<\/strong><\/p>\n\n\n\n<p>&#8211; Logs of detected threats: Detection of viruses, malware, unusual activity, threat removal.<\/p>\n\n\n\n<p>&#8211; Update logs: Information on how current the virus definitions and antivirus databases are.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">5. Backup systems<\/h3>\n\n\n\n<p><strong>Backup software (e.g. 
Veeam, Bacula):<\/strong><\/p>\n\n\n\n<p>&#8211; Backup logs: Backup successes and failures, backup errors, timestamps of backup runs.<\/p>\n\n\n\n<p><strong>Cloud backups:<\/strong><\/p>\n\n\n\n<p>&#8211; Backup status logs: Information on synchronization and success of data backups in the cloud (e.g. Amazon S3, Google Drive).<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">6. Security incidents and monitoring<\/h3>\n\n\n\n<p><strong>Vulnerabilities and patch management:<\/strong><\/p>\n\n\n\n<p>&#8211; Patching logs: Records of applied patches, updates and vulnerability fixes.<\/p>\n\n\n\n<p><strong>Security incidents:<\/strong><\/p>\n\n\n\n<p>&#8211; Suspicious activity logs: Logging should include records of unusual behavior (e.g. multiple login attempts from different locations), changes to user rights, configuration changes, malware detection and other security incidents.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">7. 
IoT and industrial devices<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>IoT devices (cameras, sensors, building management systems): Records of connections, configuration changes, errors and security events.<\/li>\n\n\n\n<li>SCADA systems: Monitoring and logging of data on the operation of industrial equipment and on security incidents.<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\">Centralize logging with a professional tool<\/h2>\n\n\n\n<p>Logging has an irreplaceable place in the internal IT of companies and organizations.<\/p>\n\n\n\n<p>When dealing with unexpected events, however, accessing logs directly on individual devices is impractical. It requires detailed knowledge of how each system logs and often significantly prolongs the response time when handling incidents.<\/p>\n\n\n\n<p>That is why organizations use specialized log management tools. A whole range of open-source solutions (for example&nbsp;<strong>syslog-ng<\/strong>&nbsp;or&nbsp;<strong>Grafana Loki<\/strong>) and professional commercial platforms (for example&nbsp;<strong>Logmanager<\/strong>) is available. 
They can turn logs into a tool that significantly helps in resolving operational and security problems and at the same time makes it easier to meet compliance requirements.<\/p>\n\n\n\n<p>Their main benefits include in particular:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Pre-built parsers<\/strong>&nbsp;for various data sources and formats, which make it easy to collect and normalize logs across the entire infrastructure.<\/li>\n\n\n\n<li><strong>Centralized log storage<\/strong>&nbsp;enabling their correlation and analysis, with all data indexed for fast full-text search and forensic investigation.<\/li>\n\n\n\n<li><strong>Data visualization<\/strong>&nbsp;through dashboards, charts, and tables that make it easier to navigate log data.<\/li>\n\n\n\n<li><strong>Real-time alerts<\/strong>, thanks to which non-standard or critical events are detected immediately based on defined rules.<\/li>\n\n\n\n<li><strong>Long-term and secure log retention<\/strong>, which protects data against changes and unauthorized manipulation and makes it possible to demonstrate compliance with rules and regulations (e.g. 
<a href=\"https:\/\/logmanager.com\/cs\/blog\/it-compliance\/role-log-managementu-a-siem-v-novem-zakonu-o-kyberneticke-bezpecnosti\/\" data-type=\"link\" data-id=\"https:\/\/logmanager.com\/cs\/blog\/it-compliance\/role-log-managementu-a-siem-v-novem-zakonu-o-kyberneticke-bezpecnosti\/\">ZoKB<\/a>, PCI-DSS, ISO, and others).<\/li>\n<\/ul>\n\n\n\n<p><\/p>\n\n\n\n<p>Thanks to tools that centralize logging, that is, the collection, management, analysis, and storage of logs, such as Logmanager, administrators gain better visibility into the IT environment, can respond to incidents faster and better, meet <a href=\"https:\/\/logmanager.com\/cs\/blog\/it-compliance\/it-compliance\/\" data-type=\"link\" data-id=\"https:\/\/logmanager.com\/cs\/blog\/it-compliance\/it-compliance\/\">IT compliance<\/a> requirements, and as a result improve the management and security of the IT environment.<\/p>\n\n\n\n<p><strong>\u2192<\/strong> If you want to learn more about Logmanager, you can try it with no obligation as a <a href=\"https:\/\/logmanager.com\/cs\/trial\/\" data-type=\"page\" data-id=\"1226\">virtual appliance for 7 days<\/a> or book a <a href=\"https:\/\/logmanager.com\/cs\/demo\/\" data-type=\"page\" data-id=\"1223\">product demo<\/a> with our expert.<\/p>\n\n\n\n<p><\/p>\n","protected":false},"excerpt":{"rendered":"<p>What are logs? What are the basic types of logs and their sources? What needs to be logged so that logs effectively support IT management and security? 
Find out more.<\/p>\n","protected":false},"author":4,"featured_media":3785,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"content-type":"","footnotes":""},"categories":[33],"tags":[],"class_list":["post-3784","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-log-management"],"acf":[],"_links":{"self":[{"href":"https:\/\/logmanager.com\/cs\/wp-json\/wp\/v2\/posts\/3784","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/logmanager.com\/cs\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/logmanager.com\/cs\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/logmanager.com\/cs\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"https:\/\/logmanager.com\/cs\/wp-json\/wp\/v2\/comments?post=3784"}],"version-history":[{"count":29,"href":"https:\/\/logmanager.com\/cs\/wp-json\/wp\/v2\/posts\/3784\/revisions"}],"predecessor-version":[{"id":6996,"href":"https:\/\/logmanager.com\/cs\/wp-json\/wp\/v2\/posts\/3784\/revisions\/6996"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/logmanager.com\/cs\/wp-json\/wp\/v2\/media\/3785"}],"wp:attachment":[{"href":"https:\/\/logmanager.com\/cs\/wp-json\/wp\/v2\/media?parent=3784"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/logmanager.com\/cs\/wp-json\/wp\/v2\/categories?post=3784"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/logmanager.com\/cs\/wp-json\/wp\/v2\/tags?post=3784"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}