Overview
The UCSF IT Enterprise Logging Service (ELS) is a centralized service offering that helps system, application, and service owners meet operational, security, audit, and compliance logging requirements.
ELS provides guidance, onboarding, and support for enterprise logging capabilities, including log collection, retention, traceability, and access management. By partnering with service owners, ELS helps ensure logs are collected, retained, and made available in accordance with organizational standards and operational needs.
How to access
Compliance logging (audit and forensic logging)
ELS supports compliance-focused logging by enabling long-term retention, traceability, and audit readiness across enterprise systems and services.
Logs are retained according to organizational and regulatory requirements, helping ensure that critical events and activities can be reconstructed when needed. These capabilities support:
- Forensic investigations
- Internal and external audits
- Compliance reporting and reviews
- Security incident response and post-incident analysis
ELS partners closely with service owners and operational teams to support logging requirements and facilitate timely access to log data during investigations, incidents, and service disruptions.
Responsibility for compliance logging and regulatory alignment ultimately remains with service owners.
Enterprise logging capabilities
Through the enterprise logging environment, ELS supports:
- Centralized log collection
Aggregates logs from diverse systems and services into a centralized logging environment. - Scalable log ingestion and management
Supports high-volume log collection across distributed and enterprise environments. - Flexible processing and routing
Enables filtering, parsing, enrichment, transformation, and routing of log data to support operational and security needs. - Secure retention and storage
Supports policy-based retention and storage aligned with audit and compliance requirements. - Integration and interoperability
Integrates with monitoring, analytics, security, and incident response tools across the enterprise.
The Enterprise Logging Service helps service owners, departments, and other UCSF groups improve operational visibility, strengthen security monitoring, support compliance obligations, and establish consistent logging practices across the enterprise.
Guidance and support
Learn more about IT’s logging and monitoring framework, roles and responsibilities, and how to request logging and monitoring services on the Logging and Event Management Guidance page.
For questions and support, contact IT Incident Command at [email protected].
How can we help you?
Need assistance?
Do you have issue with this service? Submit an IT Service Desk ticket for more assistance with this service.
We want to hear from you
Have you noticed a technical or content issue with this page? Provide feedback to assist the content owner with enhancing the content?
Send Feedback