WebApp Sec mailing list archives
Re: Apache log file monitor
From: "James Barkley" <James.Barkley () noaa gov>
Date: Sun, 17 Oct 2004 16:08:26 -0400
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On linux use webalizer for stats, logwatch for alerts, and maybe create your own perl or shell script to look for and report specific things (this is not as hard or time-consuming as you might think). You can have these mailed to you via cron, but if you choose to do that I highly reccomend you encrypt the payload via gpg. Create a new key and make sure the secret key has been imported as fully trusted on both sending machine and receiving machine. Here is a sample line to place in your crontab. 55 23 * * * /usr/local/bin/logcheck -d today | /usr/bin/gpg -e -a - --batch -r jane.doe () website com | /bin/mail -s 'webserver daily' jane.doe () website com - -Jim p.s. Create your key as 2048-bit Chris Davis wrote: |I occasionally see you guys talk about what appeared in your Apache |logs the night before. What utilities do you guys use to monitor your |log files? | |Currently I run awstats to record the number of visitors and which |pages were hit more frequently, but it doesn't log the actual URL that |the "visitor" attempted to reach. | |Thanks for any help you can provide. | |Chris Davis |davisfactor () gmail com -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.2 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFBctE4BtvwQGcl/zERAkDaAJ0cLGsLGKFnduIimhDHYxkq4RfzrACeLkZ9 bjjKEhRqHSyGIhiFKo/mSVw= =o0xe -----END PGP SIGNATURE-----
Current thread:
- Apache log file monitor Chris Davis (Oct 15)
- Re: Apache log file monitor Ty Bodell (Oct 16)
- Re: Apache log file monitor Joseph Miller (Oct 16)
- Re: Apache log file monitor James Barkley (Oct 17)
- Re: Apache log file monitor forward (Oct 18)
- <Possible follow-ups>
- Re: Apache log file monitor bugtraq (Oct 16)