Does anyone have any kind of information pertaining to log retention requirements? Here is what I've catpured so far...it would be great if anyone knows of more regulations/laws that I don't have listed here.
PCI -> 6 months
Sarbanes-Oxley -> 7 years
HIPAA -> 6 years
GLBA -> Protect customer's personal financial information by "actively monitoring" logs
Basel II -> 7 years
California Security Breach Information Act (SB 1386) -> Detect unauthorized access to personal data.