That would be great to have some kind of hashing for log entries/buckets, or any other way to check integrity.
Also that should be possible to generate alerts on an attempt to tamper stored logs.
10.5 Secure audit trails so they cannot
10.5.5 Use file-integrity monitoring or
change-detection software on logs to
ensure that existing log data cannot be
changed... more »