Company
Date Published
Author
Christina Noren
Word count
3224
Language
English
Hacker News points
None

Summary

Compliance is a significant factor driving the adoption of log management and security information and event management (SIEM) systems, but there is often confusion about how compliance relates to logs and event data. Various laws and standards like Sarbanes-Oxley, HIPAA, GDPR, and PCI-DSS influence how organizations manage these logs, each with different objectives and requirements. While laws like SOX do not explicitly mention logs, they affect IT risk management practices, which often involve log retention and review. Compliance mandates may arise from both legal obligations and private organizational standards, with consequences ranging from fines to reputational damage. Effective compliance programs require understanding the diverse objectives behind these mandates and the role of logs as evidence or proof of compliance. Additionally, evolving regulations, such as the GDPR's right to be forgotten, challenge organizations to handle log data responsibly, while upcoming AI-related regulations may further affect compliance practices. The document highlights the importance of a holistic approach to logging for compliance, addressing both technical and regulatory challenges.