Date: Sat, 11 Dec 2004 01:25:58 +0000 (GMT) From: Nielsen <nielsen@memberwebs.com> Cc: freebsd-security@freebsd.org Subject: Re: way to duplicate logs? Message-ID: <20041211012557.E29B0840813@mail.npubs.com> References: <41BA3DD6.5040702@adelphia.net>
next in thread | previous in thread | raw e-mail | index | archive | help
Bob Ababurko wrote: > Also, is there a way to make more than one copy of these logs?....I am > not sure how this is set up and but I would like to possibly have > another set of logs in place so if someone is editing them, I can catch > it. I know there is a chance that I may be overreacting., but just in > case I want to know. You can forward them to another machine. Add a line like this to your syslog.conf: *.* @hostname And then on the other machine change syslogd to accept (udp log packets) connections from other machines by removing the '-s' flags. Of course if someone is really messing around they'll be able to send bogus logs to your other logging machine too. Cheers, Nate
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20041211012557.E29B0840813>