I'm planning to centralize and consolidate all logging for all Linux boxen to one machine, so as to make things easier to administer (and to make auditing and forensics in the event of a breakin easier too). I've already planned out how to direct syslogd to remotely log to the central logging box. (Shell access to the box is only via the local console -- no sshd, telnet, etc.)
However, my current dillema involves those logs not generated by syslogd-- the Apache log files, for example. I would also like to get those log files on the central logging box. I thought of simply mounting /var/log/httpd as an NFS share, but decided against it as it simply defeats the purpose of having a secural central logging box. I am thinking of simply shipping off the log files via a cronjob over ssh, but again that means I have to grant shell access. Anyone know of an alternative or workaround, so I can centralize all logs on that machine? -- JM Ibanez - A million monkeys can't go wrong... http://www.livejournal.com/~jmibanez/ http://www.mycgiserver.com/~butiki/ -- Philippine Linux Users' Group (PLUG) Mailing List [EMAIL PROTECTED] (#PLUG @ irc.free.net.ph) Official Website: http://plug.linux.org.ph Searchable Archives: http://marc.free.net.ph . To leave, go to http://lists.q-linux.com/mailman/listinfo/plug . Are you a Linux newbie? To join the newbie list, go to http://lists.q-linux.com/mailman/listinfo/ph-linux-newbie
