| 1 |
On 9/11/18 6:52 AM, Stefan G. Weichinger wrote: |
| 2 |
> |
| 3 |
> At a customer we were asked to log/protocol all my administrative |
| 4 |
> activity for potential audits etc |
| 5 |
> |
| 6 |
> My admin-work is basically 98% ssh and maybe some additional tasks done |
| 7 |
> via virt-manager (logging the work inside the VMs there is another topic |
| 8 |
> ... I realize that right now). |
| 9 |
> |
| 10 |
> Is there a recommended way to track the logs? Specific setup for |
| 11 |
> syslog-ng or in my case journald? |
| 12 |
> |
| 13 |
> Maybe I should setup remote syslog here? |
| 14 |
> |
| 15 |
> |
| 16 |
|
| 17 |
A bit over-the-top but here is 'LogDevice' which is now opensource. |
| 18 |
|
| 19 |
https://code.fb.com/core-data/logdevice-a-distributed-data-store-for-logs/ |
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
hth, |
| 24 |
James |
Archives