Re: How can I get an alert if someone views or changes syslog.
From: Bill Marcum (bmarcum_at_iglou.com.urgent)
Date: 12/14/04
- Next message: phn_at_icke-reklam.ipsec.nu: "Re: How can I get an alert if someone views or changes syslog."
- Previous message: Liam: "How can I get an alert if someone views or changes syslog."
- In reply to: Liam: "How can I get an alert if someone views or changes syslog."
- Next in thread: phn_at_icke-reklam.ipsec.nu: "Re: How can I get an alert if someone views or changes syslog."
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Tue, 14 Dec 2004 13:08:16 -0500
On 14 Dec 2004 08:51:59 -0800, Liam
<liamhearne@hotmail.com> wrote:
> I need to be able to identify if an individual views, changes or tries
> to delete the syslog on an AIX or Solaris server.
>
> Is there anything freeware available to monitor & alert, or monitor &
> call something else (Tivoli) to alert.
>
> I know we could pick up on changes to the file, but I can't find
> anything that spots someome viewing it..
>
> Liam
Can't you just change the permissions so only a certain group can read
the log? Use an ACL if the OS and file system allow that?
-- cowsay -b "Prepare to be assimoolated! "
- Next message: phn_at_icke-reklam.ipsec.nu: "Re: How can I get an alert if someone views or changes syslog."
- Previous message: Liam: "How can I get an alert if someone views or changes syslog."
- In reply to: Liam: "How can I get an alert if someone views or changes syslog."
- Next in thread: phn_at_icke-reklam.ipsec.nu: "Re: How can I get an alert if someone views or changes syslog."
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
