Mailinglist Archive: opensuse (4626 mails)

[Clayton <smaug42@xxxxxxxxx>]

> > I know I can go look at /var/log/apache2/access, but I'd like to have
> > some kind of live/realtime monitor so I can see who is logging in (to
> > the secure area) and what they are accessing (all info in the access
> > log).
> >
>
> What is your real concern eh ? sound a bit excessive worring to me,
> maybe you are walking the wrong way...

Walking the wrong way?

On my personal webserver, I know exactly who is logging in... I
created their accounts.  I see when they log in when I check the
webserver logs... I'm simply curious what monitoring tools are out
there for Linux based webservers beyond the most primitive - which is
the logfile itself, and maybe... apachetop.  Are there any real-time
GUI based web access monitoring tools available?

The webserver gets blasted by people looking for primarily php
exploits, although I see probes for my cgi-bin, ruby, MySQL and a few
others.  None of which are installed/available on this webserver.  I
also see random attempts from unknown IPs to log into the secured
area.  I'm interested in seeing this stuff when it happens... not 2 or
3 days later when I happen to remember to look at the logs.

This has to be information that web admins are interested in... and
they must monitor it somehow... but since I'm not a web admin, I don't
know how it's done (beyond browsing weblogs)... thus the question.  I
have this private webserver that I can play with under controlled
conditions.  I own the hardware and the information on the
webserver... I figure it's a good opportunity to learn something.

C.
--
To unsubscribe, e-mail: opensuse+unsubscribe@xxxxxxxxxxxx
For additional commands, e-mail: opensuse+help@xxxxxxxxxxxx