On Thu, May 09, 2013 at 02:17:35PM -0600, Kevin Fenzi wrote:
So, the recent fas vulnerability made us realize that we were not collecting and saving httpd logs from staging machines.
I've since added:
app01.stg app02.stg proxy01.stg
Did you leave out fas01.stg on purpose?
to have their httpd logs pulled over to log02 and kept.
This however got me thinking. Since we are moving to a model where each app has it's own server, should we widen the servers we pull httpd logs from? For example, ask01/02? fedocal? blockerbugs?
I think so. If we're looking to analyze logs for tracebacks, errors, etc, then having consolidated logging makes it much easier than logging into our redundant servers for that service.
Or should we figure out a better way to collect and store the httpd logs.
Thoughts?
I don't think we have any ideas for how to do something better immediately... So we probably should just add all the other hosts for now.
-Toshio