Koozali.org: home of the SME Server
  1. Koozali.org: home of the SME Server
  2. Obsolete Releases
  3. SME Server 7.x
  4. Topic: which logs to show access
« previous next »
Pages: [1]   Go Down

which logs to show access

  • 1 Replies
  • 688 Views

Offline mcp_dk

  • **
  • 34
  • +0/-0
    • http://lillenet.dk
which logs to show access
« on: December 15, 2008, 03:33:13 PM »
Apparently My SME Server has been compromised. IT may have happened through an unpatched CMS or other. However the authorities would like if i could provide them with some logs about who and when users have been authenticated and logged on.

So Which logs should i look in to if i want to see which users have been logged on the server and when?
Also other logs that could be usefull to look into!?

Logged
Who is General Failure and why is he reading my harddrive?

Offline gzartman

  • *
  • 306
  • +0/-0
    • LEI Engineering & Surveying
Re: which logs to show access
« Reply #1 on: December 15, 2008, 05:57:19 PM »
For a webapp, the best log file is likely:

/var/log/httpd/access_log

Greg
Logged
----
Greg J. Zartman
LEI Engineering & Surveying

SME user and community member since 2000.
Pages: [1]   Go Up
« previous next »
  1. Koozali.org: home of the SME Server
  2. Obsolete Releases
  3. SME Server 7.x
  4. Topic: which logs to show access