[CentOS] access to httpd logs

Thu Dec 1 21:08:58 UTC 2005
James Pifer <jep at obrien-pifer.com>

> I know you just setup FTP, but consider using SSH instead.
> 
> First off, access to the logs are solved by always running
> the process as root at the end system.  There is no reduced
> security by doing this.
> 
> Secondly, setup 1 regular user on 1 system where you want the
> logs to be localized for processing.  Then have the root user
> of each system SCP the log file to that 1 system as the 1
> regular user.  You'll want to use public key authentication
> (or a Kerberos realm if you want to avoid generating and/or
> copying keys for each system).
> 
> If you're into a more formal setup, CVS or other version
> control or data collection repository check-ins of the log
> files might be ideal.  For CVS (and several others), you can
> use the SSH login.
> 

The analyzing software runs on windows. It's connection options for
looking at logs is file, http, or ftp. What's worse, is I just found
that it apparently does not support passive ftp. I'm trying to get
vsftpd to do active, but either I'm not getting it configured right, or
more likely, the firewall is messing it up. I used to run windows ftp
server for providing the logs when it ran on windows, and ftp'ing was no
problem.

Anyway, that's where I'm at right now. 

James