Date: Sat, 11 Dec 2004 01:25:58 +0000 (GMT) From: Nielsen <nielsen@memberwebs.com> Cc: freebsd-security@freebsd.org Subject: Re: way to duplicate logs? Message-ID: <20041211012557.E29B0840813@mail.npubs.com> References: <41BA3DD6.5040702@adelphia.net>
index | next in thread | previous in thread | raw e-mail
Bob Ababurko wrote: > Also, is there a way to make more than one copy of these logs?....I am > not sure how this is set up and but I would like to possibly have > another set of logs in place so if someone is editing them, I can catch > it. I know there is a chance that I may be overreacting., but just in > case I want to know. You can forward them to another machine. Add a line like this to your syslog.conf: *.* @hostname And then on the other machine change syslogd to accept (udp log packets) connections from other machines by removing the '-s' flags. Of course if someone is really messing around they'll be able to send bogus logs to your other logging machine too. Cheers, Natehome | help
Want to link to this message? Use this
URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20041211012557.E29B0840813>