Reshaping Federal Logging Requirements 

As of late May, 2026, logging requirements for federal agencies will shift from a volume-driven mindset to a risk-based logging approach. The previous logging requirements published in 2021 via OMB Memo M-21-31 have been rescinded with the publication of OMB’s latest memo M-26-14, calling the logging of cyber incidents across federal agencies to include both Continuous Event Monitoring (CEM) and Threat Hunting, Investigation, Response and Forensics (THIRF).