Securing Small Networks with OpenBSD Part 5
Source: O'Reilly Network - Posted by Nick DeClario   
Server Security Watching pf logs can be exciting for the first few hours, but it soon becomes a boring activity best left to the machines. But first we need to know how OpenBSD manages pf logs. The pf packet logging mechanism uses the standard system logger daemon syslogd to store packet information in /var/log/pflog.. . . Watching pf logs can be exciting for the first few hours, but it soon becomes a boring activity best left to the machines. But first we need to know how OpenBSD manages pf logs. The pf packet logging mechanism uses the standard system logger daemon syslogd to store packet information in /var/log/pflog. The /var/log directory is the place where the system stores most of the important system logs: authlog, daemon, maillog, messages, secure, or wtmp. One important group of logs missing from that directory are HTTP server logs, which are usually stored somewhere else in the directory tree.

Just like maillog or messages, pflog is rotated to make sure that the logs don't bring the system to its knees by filling the filesystem. Log rotation is the job of the newsyslog command that runs every hour by cron.

Read this full article at O'Reilly Network

Only registered users can write comments.
Please login or register.

Powered by AkoComment!