Try installing Splunk, (be careful to import less than 500mb a day on the free license) then once all your logs are imported you should be able to find what you are looking for. On 27 Jul 2011 07:37, "ESGLinux" <esggrupos@xxxxxxxxx> wrote: > Hi All, > > I have a problem with a RHEL server and I want to ask you for some advice. > I´m not a security expert so I don´t know which can be the best aproach to > solve my problem. > > The problem is that I have several GigaBytes of Apache logs and I need to > look for attacks on it to check if the server has been compromised. > > I can manually check some possible attack urls and looking for them on the > logs, but I´m sure there must be tools or technics to do these in the > correct way. > > So, any idea that can help me? > > Thank you very much in advance, > > ESG > -- > redhat-list mailing list > unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe > https://www.redhat.com/mailman/listinfo/redhat-list -- redhat-list mailing list unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe https://www.redhat.com/mailman/listinfo/redhat-list
