Inspect and maintain your log files on a regular schedule. Use these methods to secure log files:
Enable logging and send system logs to a dedicated secure log host.
Configure logging to include accurate time information, using Network Time Protocol (NTP) and timestamps.
Review logs for possible incidents and archive them in accordance with a security policy.
Periodically retire log files when they exceed a reasonable size. Maintain copies of the retired files for possible future reference or statistical analysis.
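The retirement step above can be automated. The following is an added example, not part of the original guidance: it retires a log once it passes a size threshold, keeps a compressed read-only copy, and records a SHA-256 digest of that copy. The names `retire_log`, `MAX_BYTES` and the `SHA256SUMS` manifest are assumptions chosen for illustration.

```python
import gzip
import hashlib
import shutil
from datetime import datetime, timezone
from pathlib import Path

MAX_BYTES = 10 * 1024 * 1024  # assumed threshold; take the real value from your policy


def retire_log(log_path, archive_dir, max_bytes=MAX_BYTES, now=None):
    """Retire log_path once it exceeds max_bytes.

    Returns (archive_path, sha256_hex) when a file was retired, else None.
    """
    log_path, archive_dir = Path(log_path), Path(archive_dir)
    if not log_path.is_file() or log_path.stat().st_size <= max_bytes:
        return None

    # UTC stamp so archive names sort and compare consistently across hosts.
    stamp = (now or datetime.now(timezone.utc)).strftime("%Y%m%dT%H%M%SZ")
    rotated = log_path.with_name(f"{log_path.name}.{stamp}")
    archive = Path(archive_dir) / f"{rotated.name}.gz"
    if archive.exists():
        raise FileExistsError(f"refusing to overwrite {archive}")
    archive_dir.mkdir(mode=0o700, parents=True, exist_ok=True)

    # Rename first (atomic on one filesystem), then recreate an empty live log.
    # A daemon holding the old file open must be told to reopen it; not shown here.
    log_path.rename(rotated)
    log_path.touch(mode=0o640)

    with rotated.open("rb") as src, gzip.open(archive, "wb") as dst:
        shutil.copyfileobj(src, dst)
    archive.chmod(0o440)  # retired copies are read-only

    # Record a digest of the stored archive so the copy can be verified later.
    digest = hashlib.sha256(archive.read_bytes()).hexdigest()
    with (archive_dir / "SHA256SUMS").open("a") as manifest:
        manifest.write(f"{digest}  {archive.name}\n")

    rotated.unlink()  # drop the uncompressed file only after the copy is written
    return archive, digest
```

Store the archive directory and its manifest on the dedicated log host or other storage that the monitored system cannot modify, so the retired copies remain trustworthy.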