From Jason Hardin
As we continue our internal discussions about log access and the removal of the Kibana B2 we are looking for client input on the use cases having access to real-time system logs (SIS logs are separate) solve. We want to research how we can solve these problems more directly, and not require administrators to parse through all of the log files.
What questions are the logs used to answer
What information is needed from the logs or otherwise to answer the question.
From the list above, is waiting 4 hours an acceptable amount of time for your institution? If not, what is?