by gzur 2963 days ago
You don't monitor web logs, you ship the logs to cold storage every [crontab spec units for time :)] and monitor your hosts and network for unusual activity.

If anything happens, THEN you look at the logs. The signal/noise ratio of the average web host logs makes combing through them just not worth it.

There are tons of products out there - have a look at OSSEC (https://www.ossec.net/), it's open source and free.