forensic Apache log analysis
Gareth Llewellyn
gareth at networksaremadeofstring.co.uk
Wed Jul 27 06:42:38 UTC 2011
Try installing Splunk, (be careful to import less than 500mb a day on the
free license) then once all your logs are imported you should be able to
find what you are looking for.
On 27 Jul 2011 07:37, "ESGLinux" <esggrupos at gmail.com> wrote:
> Hi All,
>
> I have a problem with a RHEL server and I want to ask you for some advice.
> I´m not a security expert so I don´t know which can be the best aproach to
> solve my problem.
>
> The problem is that I have several GigaBytes of Apache logs and I need to
> look for attacks on it to check if the server has been compromised.
>
> I can manually check some possible attack urls and looking for them on the
> logs, but I´m sure there must be tools or technics to do these in the
> correct way.
>
> So, any idea that can help me?
>
> Thank you very much in advance,
>
> ESG
> --
> redhat-list mailing list
> unsubscribe mailto:redhat-list-request at redhat.com?subject=unsubscribe
> https://www.redhat.com/mailman/listinfo/redhat-list
More information about the redhat-list
mailing list