Ideally you should secure all session and transaction logs.
Sessions will be for login logout failed etc and transaction should tell what was the command issues and what happened Tarun From: owasp-delhi-boun...@lists.owasp.org [mailto:owasp-delhi-boun...@lists.owasp.org] On Behalf Of Learner Kid Sent: Tuesday, September 02, 2014 9:09 AM To: owasp-delhi@lists.owasp.org Subject: [OWASP-Delhi] query:Linux web server Logs Hello Everyone, I am a beginner and have a query, please guide: What kind of server logs we need to maintain which can be helpful in investigations. As of now I keep these: 1) Website Access Log /usr/local/apache/logs/access_log /usr/local/apache/domlogs 2) FTP Acees Log /var/log/messages 3) MySQL Access Log /var/lib/mysql called hostname.log and hostname-slow.log where hostname is the short hostname for the machine. 4) Cpanel Access Log /usr/local/cpanel/logs/access_log Thanks & Regards, Learner Kid
_______________________________________________ OWASP-Delhi mailing list OWASP-Delhi@lists.owasp.org https://lists.owasp.org/mailman/listinfo/owasp-delhi LinkedIn Group: https://www.linkedin.com/groups?gid=89270 Twitter: https://twitter.com/OWASPdelhi
