LinuxQuestions.org
Latest LQ Deal: Latest LQ Deals
Home Forums Tutorials Articles Register
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
Reload this Page Need help in categorizing the linux logs for pruning.
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices


Reply
  Search this Thread
Old 02-21-2024, 01:41 PM   #1
Jafbot
LQ Newbie
 
Registered: Feb 2024
Posts: 1

Rep: Reputation: 0
Need help in categorizing the linux logs for pruning.

Hi Team,

Thanks in Advance for nay help.

Actually I need to prune linux logs as I'm getting bulk of data on My SIEM C360 which is developed on logstash ELK Stack. I'm not able to categorize that out of linux which type logs can be pruned which are not adding any security value in monitoring.

Feel free to communicate further for any question so we may able to conclude it collaboratively.

Regards,
 
Old 02-21-2024, 08:19 PM   #2
frankbell
LQ Guru
Contributing Member
 
Registered: Jan 2006
Location: Virginia, USA
Distribution: Slackware, Ubuntu MATE, Mageia, and whatever VMs I happen to be playing with
Posts: 19,341
Blog Entries: 28

Rep: Reputation: 6145Reputation: 6145Reputation: 6145Reputation: 6145Reputation: 6145Reputation: 6145Reputation: 6145Reputation: 6145Reputation: 6145Reputation: 6145Reputation: 6145
Does your distro use SystemD? If so, this article should help.

If you have logs in the traditional location of /var/log, this article may prove useful.

You might also check whether you have logrotate installed.

The reason I ask is that logrotate periodically compresses older log data into compressed files, making it easier to cull outdated data.

Welcome to LQ.
 
Old 02-22-2024, 02:43 AM   #3
pan64
LQ Addict
 
Registered: Mar 2012
Location: Hungary
Distribution: debian/ubuntu/suse ...
Posts: 21,923

Rep: Reputation: 7319Reputation: 7319Reputation: 7319Reputation: 7319Reputation: 7319Reputation: 7319Reputation: 7319Reputation: 7319Reputation: 7319Reputation: 7319Reputation: 7319
yes, in general you can use logrotate to limit the size of the log files. But only you know what is important for you and what do you want to keep longer.
 
  


Reply



Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Back up logs file and create a script showing the backed up logs and the running logs Billy_6052 Programming 5 12-13-2014 02:32 AM
Pruning a huge /usr directory with 'aptitude' fof3 Linux - Newbie 6 01-12-2009 02:22 PM
LXer: Osi prefers open source licence categorization over pruning LXer Syndicated Linux News 0 08-22-2006 05:21 PM
Need some file pruning help... smeenge Linux - Newbie 3 05-22-2004 03:02 AM
Pruning termcap aditya Linux - General 1 09-06-2002 03:03 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 07:56 PM.

Contact Us - Advertising Info - Rules - Privacy - LQ Merchandise - Donations - Contributing Member - LQ Sitemap -
Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration