Again, there are pros and cons for each of these methods:
Local storage:
* No need for the logs to be transported, but introduces operational complexity to properly manage rights and permissions on the directories containing the logs.
* Window of opportunity for bad guys to manipulate the logs in case a system gets hacked -- logs cannot necessarily be trusted.
* Operational complexity when doing forensics because of obligation to scour from system to system, each having its local logs.