On 12/1/05, James Pifer <jep at obrien-pifer.com> wrote: > > I know you just setup FTP, but consider using SSH instead. > > > > First off, access to the logs are solved by always running > > the process as root at the end system. There is no reduced > > security by doing this. > > > > Secondly, setup 1 regular user on 1 system where you want the > > logs to be localized for processing. Then have the root user > > of each system SCP the log file to that 1 system as the 1 > > regular user. You'll want to use public key authentication > > (or a Kerberos realm if you want to avoid generating and/or > > copying keys for each system). > > > > If you're into a more formal setup, CVS or other version > > control or data collection repository check-ins of the log > > files might be ideal. For CVS (and several others), you can > > use the SSH login. > > > > The analyzing software runs on windows. It's connection options for > looking at logs is file, http, or ftp. What's worse, is I just found > that it apparently does not support passive ftp. I'm trying to get > vsftpd to do active, but either I'm not getting it configured right, or > more likely, the firewall is messing it up. I used to run windows ftp > server for providing the logs when it ran on windows, and ftp'ing was no > problem. > > Anyway, that's where I'm at right now. > > James I've found that there are FAR superior logfile analyzer tools on linux than windows. We ended up sending all our log files from the windows servers we have to a consolidated drop on a linux box and running a linux based analyzer. It gives better information, more detail, etc. Things like splunk, awstats, mod_log_sql (which lets you do live "top links" type things), and any of several other tools available. -- Jim Perrin System Architect - UIT Ft Gordon & US Army Signal Center