What logs are syslog formats?

Discussion in 'General Discussion' started by furquan, Jun 28, 2011.

  1. furquan

    Hello all:

    Out of all the logs within cPanel, which of them are syslog formats? Coz I am building up a syslog server in OSSEC and I need to know the formats of all the logs present in the server.

    Can anyone assist with this?
     
  2. tier2

    I am building out a log server with OSSEC now as well. I would be willing to help out and share the results. I have the cPanel Log Location Reference here, but it does not tell you which ones are syslog and which ones are not syslog files. Although, to answer your question directly, if you are talking about which logs should be specified as syslog files, then any file with one entry per line could be considered a syslog file.

    I recommend getting on their IRC channel on freenode.net and asking your questions in there. I get great responses from there. I also highly recommend the OSSEC Host-Based Intrusion Detection Guide from Syngress. It is not cheap, but it really goes over everything in a very easy to understand way and in the proper order for tackling this project the right way.
     
  3. furquan

    Hello Tier:

    That is what I am doing at the moment :) I am building a syslog server using OSSEC, but it's a bit confusing.

    Although my Manager is logging events from the Agents, I am finding it hard to record exim_mainlog, apache error_logs, etc.

    If you have implemented it, can you let me know what logs we should be storing, keeping security in mind?
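
Added example (not part of the thread, and not cPanel's or OSSEC's own shipped configuration): an agent-side `ossec.conf` fragment that applies the one-entry-per-line rule of thumb from the reply above to the two logs named in the last post. The file paths are assumptions; confirm them against the cPanel Log Location Reference for your server.

```xml
<!-- Added example for the agent's ossec.conf.
     Both <location> paths are assumptions; verify them on your own server. -->
<ossec_config>

  <!-- Exim main log: one entry per line, so it is read with the generic
       "syslog" format, which is OSSEC's reader for single-line logs. -->
  <localfile>
    <log_format>syslog</log_format>
    <location>/var/log/exim_mainlog</location>
  </localfile>

  <!-- Apache error log: also one entry per line. OSSEC has a dedicated
       "apache" log_format for Apache logs. -->
  <localfile>
    <log_format>apache</log_format>
    <location>/usr/local/apache/logs/error_log</location>
  </localfile>

</ossec_config>
```

After restarting the agent, paste a sample line from each file into `/var/ossec/bin/ossec-logtest` on the manager to see which decoder and rule, if any, match it; a file being collected does not by itself mean its lines produce alerts.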
     