Our old method of parsing sftp logs is starting to wear a bit thin. For
people who are using OpenSSH for sftp transfers, how are you doing log
management? How are you parsing it into your SIEM (if you are using
one)? If so, how? As part of our compliance and support requirements
we log all the commands per session. Ideally, we would like to
continuously integrate activities into a SQL table that we can quickly
query if the need arises. Anyone on the list doing that? How do you do
it? Or are people using different products for that? Users are all in
chrooted environments, FYI.
---Mike
_______________________________________________
openssh-unix-dev mailing list
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
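
One way to get per-session sftp commands into a queryable SQL table, as an added example that is not part of the original post and not OpenSSH project code. It assumes the classic syslog line prefix and the INFO-level message shapes shown in the constructed sample; the table name sftp_events, the hosts, users and addresses are made up for illustration.

```python
import re
import sqlite3

# Constructed sample; message shapes are assumed to match sftp-server at LogLevel INFO.
SAMPLE = '''\
Mar  3 09:14:01 sftp01 internal-sftp[4121]: session opened for local user alice from [192.0.2.10]
Mar  3 09:14:03 sftp01 internal-sftp[4121]: open "/upload/q1 report.csv" flags WRITE,CREATE,TRUNCATE mode 0644
Mar  3 09:14:04 sftp01 internal-sftp[4121]: close "/upload/q1 report.csv" bytes read 0 written 2048
Mar  3 09:14:05 sftp01 internal-sftp[4130]: session opened for local user bob from [198.51.100.7]
Mar  3 09:14:06 sftp01 internal-sftp[4130]: remove name "/upload/old.csv"
Mar  3 09:14:07 sftp01 internal-sftp[4121]: session closed for local user alice from [192.0.2.10]
'''

LINE = re.compile(r'^(?P<ts>\w{3}\s+\d+ [\d:]{8}) (?P<host>\S+) '
                  r'(?:internal-sftp|sftp-server)\[(?P<pid>\d+)\]: (?P<msg>.*)$')
SESSION = re.compile(r'^session (opened|closed) for local user (\S+) from \[([^\]]+)\]$')
# verb, optional "name"/"old" keyword, first quoted path, free-form remainder
COMMAND = re.compile(r'^(?P<verb>\w+)(?: (?:name|old))? "(?P<path>.*?)"(?: (?P<detail>.*))?$')

def load(lines, db):
    db.execute('CREATE TABLE IF NOT EXISTS sftp_events (ts TEXT, host TEXT, pid INTEGER,'
               ' user TEXT, client TEXT, action TEXT, path TEXT, detail TEXT)')
    sessions = {}  # (host, pid) -> (user, client): command lines carry only the PID
    skipped = 0
    for line in lines:
        m = LINE.match(line)
        s = m and SESSION.match(m['msg'])
        c = m and COMMAND.match(m['msg'])
        if not (s or c):
            skipped += 1  # count unparsed lines so format drift is visible, not silent
            continue
        key = (m['host'], int(m['pid']))
        if s:
            sessions[key] = (s[2], s[3])
            action, path, detail = 'session_' + s[1], None, None
        else:
            action, path, detail = c['verb'], c['path'], c['detail']
        user, client = sessions.get(key, (None, None))
        db.execute('INSERT INTO sftp_events VALUES (?,?,?,?,?,?,?,?)',
                   (m['ts'], key[0], key[1], user, client, action, path, detail))
        if s and s[1] == 'closed':
            sessions.pop(key, None)  # PIDs are reused, so drop state at session end
    db.commit()
    return skipped

def demo():
    db = sqlite3.connect(':memory:')
    skipped = load(SAMPLE.splitlines(), db)
    return skipped, db.execute('SELECT user, client, action, path FROM sftp_events ORDER BY rowid').fetchall()
```

Classic syslog timestamps carry no year, so the ts column is stored as logged; a production loader would normalise it before the rows are used for compliance queries.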