Garve Hays, Solutions Architect at Micro Focus:
Check both the operating system and your security solution. Regarding TLS/SSL alone, there has been a menagerie of attacks including DROWN, FREAK, POODLE, Logjam, Heartbleed, and BEAST. Responsible vendors are usually quick to provide updates for exploits or potential vulnerabilities, and in security parlance this means reducing the "attack surface."
- Are we rotating logs and archiving the older ones to "offline" or "nearline" media?
This serves multiple purposes, foremost being that more "bite-sized" logs are easier to evaluate and digest. Human analysts do much better focusing on a more discrete time interval, whereas automated systems can reduce processing time with smaller intervals. Maintaining older events is also important for non-repudiation and backtracking to discover breaches. An audit trail is also necessary for any evidence if it ever comes to an investigation.
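The TLS/SSL point above is mostly a patching question, but most of the attacks named (DROWN, POODLE, BEAST, FREAK, Logjam) also depend on protocol versions and cipher suites that a client or server can simply stop offering. The following is an added example, not code from Garve Hays or Micro Focus, showing a hardened client `SSLContext` in Python's standard `ssl` module together with a check function you can run in a configuration test; the function and check names are this example's own.

```python
import ssl

# Added example: build a client context that no longer offers the protocol
# features the attacks above relied on, and expose checks a config test
# can assert on. Heartbleed is a library bug, not a setting: only patching
# the TLS library fixes it, which is the vendor-update point in the text.

def hardened_client_context() -> ssl.SSLContext:
    ctx = ssl.create_default_context()            # CERT_REQUIRED + hostname check
    # Dropping everything below TLS 1.2 removes SSLv2 (DROWN), SSLv3 (POODLE)
    # and the TLS 1.0 CBC construction that BEAST targeted.
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    ctx.options |= ssl.OP_NO_COMPRESSION          # no TLS-level compression
    # AEAD suites with ephemeral ECDH only: no CBC modes, no export-grade
    # suites (FREAK) and no finite-field DHE, whose small groups Logjam abused.
    ctx.set_ciphers("ECDHE+AESGCM:ECDHE+CHACHA20:!aNULL:!eNULL:!MD5")
    return ctx


def context_checks(ctx: ssl.SSLContext) -> dict:
    """Return {check_name: bool} for the settings the hardening is meant to enforce."""
    names = [c["name"] for c in ctx.get_ciphers()]   # TLS 1.3 suites are listed too
    return {
        "min_tls_1_2": ctx.minimum_version >= ssl.TLSVersion.TLSv1_2,
        "no_compression": bool(ctx.options & ssl.OP_NO_COMPRESSION),
        "no_export_ciphers": not any("EXP" in n for n in names),
        "no_cbc_ciphers": not any("CBC" in n for n in names),
        "no_ffdhe_ciphers": not any(n.startswith("DHE-") for n in names),
        "verifies_peer": ctx.verify_mode == ssl.CERT_REQUIRED and bool(ctx.check_hostname),
        "has_ciphers": len(names) > 0,
    }


if __name__ == "__main__":
    for name, ok in context_checks(hardened_client_context()).items():
        print(f"{name:20s} {'ok' if ok else 'FAIL'}")
```

Run the check function against every context your application builds, not just this one; the usual regression is a library that silently widens the cipher list or lowers the minimum version after an upgrade.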
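To make the log-rotation and audit-trail point concrete, here is an added example (not from Garve Hays or Micro Focus) of a rotation step that moves the live log aside, compresses it into a dated archive, and records its SHA-256 in a manifest so that the archived events can be verified when they are later pulled from nearline storage for an investigation. The sample log line is constructed, the function names are this example's own, and it assumes the process writing the log reopens its file after rotation (as syslog daemons and most servers do on SIGHUP).

```python
import gzip
import hashlib
import os
import shutil
import time
from pathlib import Path

# Added example: rotate a live log into a compressed, dated archive and keep
# a sha256sum-style manifest so later reads of the archive can be verified.


def rotate_and_archive(log_path, archive_dir, now=None):
    """Rotate log_path into archive_dir; return (archive file, sha256 hex digest)."""
    log_path, archive_dir = Path(log_path), Path(archive_dir)
    archive_dir.mkdir(parents=True, exist_ok=True)
    stamp = time.strftime("%Y%m%dT%H%M%SZ", time.gmtime(now))
    rotated = archive_dir / f"{log_path.name}.{stamp}.gz"

    # Rename the live file and create a fresh one in one step, so no line is
    # lost in the window a copy-then-truncate approach would leave open.
    aside = log_path.with_name(log_path.name + ".rotating")
    os.replace(log_path, aside)
    log_path.touch()

    with open(aside, "rb") as src, gzip.open(rotated, "wb") as dst:
        shutil.copyfileobj(src, dst)
    aside.unlink()

    # Record the digest of the archived file in the same layout sha256sum uses.
    digest = hashlib.sha256(rotated.read_bytes()).hexdigest()
    with open(archive_dir / "MANIFEST.sha256", "a", encoding="utf-8") as manifest:
        manifest.write(f"{digest}  {rotated.name}\n")
    return rotated, digest


def verify_archive(archive_dir):
    """Recompute every digest listed in the manifest; return {file name: bool}."""
    archive_dir = Path(archive_dir)
    results = {}
    for line in (archive_dir / "MANIFEST.sha256").read_text(encoding="utf-8").splitlines():
        digest, name = line.split("  ", 1)
        path = archive_dir / name
        results[name] = path.is_file() and hashlib.sha256(path.read_bytes()).hexdigest() == digest
    return results


def read_archived(path):
    """Decompress one archived log for an analyst or an automated parser."""
    with gzip.open(path, "rb") as f:
        return f.read()


def demo():
    """Run a rotation on a constructed sample log in a temp dir; return what happened."""
    import tempfile
    base = Path(tempfile.mkdtemp())
    log = base / "auth.log"
    sample = b"Jan  1 00:00:01 host sshd[1]: Accepted publickey for alice\n"  # constructed
    log.write_bytes(sample)

    archived, digest = rotate_and_archive(log, base / "archive", now=0)
    round_trip = read_archived(archived) == sample
    intact = verify_archive(base / "archive")

    archived.write_bytes(b"tampered")          # simulate alteration of the archive
    after_tamper = verify_archive(base / "archive")
    return {
        "archive_name": archived.name,
        "live_log_empty": log.read_bytes() == b"",
        "round_trip": round_trip,
        "intact_before": intact[archived.name],
        "intact_after_tamper": after_tamper[archived.name],
    }


if __name__ == "__main__":
    print(demo())
```

The manifest is what turns the archive into evidence: copy it (or the digests) somewhere the log host cannot overwrite, such as the same offline or nearline media, and a later comparison shows whether the archived events are the ones that were written at the time.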