Re: securely access to application logs

kona_iron_at_yahoo.fr
Date: 02/17/05

• Next message: jpd: "Re: Share a scanner in a network server with Debian Linux"
• Previous message: ojailoop_at_yahoo.com: "proftpd and yum"
• In reply to: harv: "Re: securely access to application logs"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

---

Date: 17 Feb 2005 12:57:00 -0800

Hi Harv,
Thank you, good advices.

harv wrote:
> kona_iron@yahoo.fr wrote:
> > Hello,
> > We have a lot of Solaris servers with each multiple applications
that
> > generate application logs.
> > Some application logs have to be read by "non privilege" users.
> > We can not give direct accesse on these logs. So the idea is to
have a
> > log server.
> > These applications do not use syslog. So it is not easy to export
these
> > logs to amother servers.
> > What do you suggest me ?
> > We need a solution as secure as possible. So no NFS or Samba
> >
> > Thank's a lot for any advices
> >
> How about using "logger" and sending to a syslog server... bit like
this:
> logger -p local1.notice -t APPSERV01 -f /path/logfile
> should read the file "/path/logfile" line by line and sent it to
syslog
> with the priority of "local1.notice" and tag with "APPSERV01"
> Then setup syslog for remote logging for local1.notice etc.
>
> Might have to get a little more tricky doing something like:
>
> cat <logfile> >> <store log> && logger -p local0.notice -t APPSERV01
-f
> <logfile> && cat /dev/nul > <logfile>
>
> Giving you a full set of log on the application server <store log>
and a
> running log to send to syslog.
>
> Wack it in cron and your away.
>
>
> Other possible options I can think of:
> Is replacing the application log file with a named pipe and running
the
> logger command on that.
> Or even use scp to go and get the files every 5 mins or so if
realtime
> is not that important.
>
> -Harv

---

• Next message: jpd: "Re: Share a scanner in a network server with Debian Linux"
• Previous message: ojailoop_at_yahoo.com: "proftpd and yum"
• In reply to: harv: "Re: securely access to application logs"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

---

Relevant Pages Re: Bad news about Tor ... A "privacy service" would be ideal. ... Attack truly anonymous methods like Tor even though it ... keeps logs and lies about it, but got caught using them to track people ... Servers in the US are a lot safer that servers in most other places, ... (alt.privacy) Re: system container in SMS 2003 ... These logs don't show any AD publishing activity. ... "Publish servers in Active Directory" and subsequent log entries for ... >>> Then I went through and found the system management folder and didn't ... (microsoft.public.sms.setup) RE: Event log counts... ... logs on 47 web servers and all logs on 6 domain controllers and we are ... Subject: Event log counts... ... (Security-Basics) Re: Server loses network - bizzare behavior ... doing anything to the hardware on these servers. ... All errors, except id 12, states about connectivity to the domain DNS servers, ... see Help and Support Center at ... Then a few minutes later in the Application logs this error start ... (microsoft.public.windows.server.general) Re: OT: Indexing and searching logs ... This is more for application logs, app servers, webservers & mail servers etc. ... ...the Sin of Stupidity. ... (Fedora)

---

• Security
• UNIX
• Linux
• Coding
• Usenet

• Mailing-Lists
• Newsgroups
• About
• Privacy
• Search
• Imprint

unix.derkeiler.com  > Newsgroups  > comp.unix.admin  > 2005-02