Thanks for your prompt reply sir. Please elaborate this statement. 1- "An interesting fact about the way Merkle trees are used in the OpenKSI approach is that they permit to extract a subset of log information and still prove that this information is valid. This is *a very interesting property when you need to present logs as evidence to the court but do not want to disclose unrelated log entries*" 2- Is there any other best way to verify that logs are being sent on TLS.
On Thu, Jan 16, 2014 at 1:57 PM, Rainer Gerhards <[email protected]>wrote: > On Thu, Jan 16, 2014 at 4:53 AM, Muhammad Asif <[email protected]> > wrote: > > > Hi Everyone! > > Hopefully you all log warriors are enjoying good health. > > > > Can anyone help me regarding verification of individual log in > guardtime. I > > can verify the signature of whole file by using the following command. > > > > tools/rsgtutil --verify --show-verified /var/log/logfile > > > > But if we have to verify integrity of a specific log, how can we do it. > > > > Scenario: > > --------------------------------------- > > I have two Open SUSE machines on network with rsyslog version 7.4.7. > > I successful send logs from one machine to other using tls (Encrypted > logs > > received which is verified by wireshark). Signature of Whole logfile is > > verified on both ends. But still unable to verify integrity of a specific > > log. > > > > > > > Not sure if I understood your question correctly. the whole file only > verifies OK if all log entries are correct. So if the whole file is OK, you > know that each log record is fine. > > Rainer > _______________________________________________ > rsyslog mailing list > http://lists.adiscon.net/mailman/listinfo/rsyslog > http://www.rsyslog.com/professional-services/ > What's up with rsyslog? Follow https://twitter.com/rgerhards > NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad > of sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you > DON'T LIKE THAT. > _______________________________________________ rsyslog mailing list http://lists.adiscon.net/mailman/listinfo/rsyslog http://www.rsyslog.com/professional-services/ What's up with rsyslog? Follow https://twitter.com/rgerhards NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad of sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T LIKE THAT.
