I'm running Buster on a workstation for my office, and I have been wondering about how to streamline my log management. I get logwatch and logcheck reports, as well as a handful of other reports from cron jobs--AIDE, ntp, iptables, auditd, etc. My ideal setup would be to have a separate log server where I can view and process logs, but that just doesn't make sense in this case--I'd only be managing one workstation that rarely gets used except for processing financial transactions.
My problem is that I need to review the logs more regularly for security compliance purposes, but I have to do it from the workstation itself--which is isolated on its own segmented network. Buster now sports Wayland, which means I can't use GKSU for running GUI log viewers. Does anyone have any recommendations here? Am I going about this all wrong? I don't have the resources of an enterprise environment, so I'm trying to figure out how to do this efficiently on the small scale.
Scheduled Maintenance: We are aware of an issue with Google, AOL, and Yahoo services as email providers which are blocking new registrations. We are trying to fix the issue and we have several internal and external support tickets in process to resolve the issue. Please see: viewtopic.php?t=158230
Tips for viewing logs? in GUI?
-
Head_on_a_Stick
- Posts: 14114
- Joined: 2014-06-01 17:46
- Location: London, England
- Has thanked: 81 times
- Been thanked: 133 times
Re: Tips for viewing logs? in GUI?
https://packages.debian.org/buster/gnome-logs
Add your user to the systemd-journal group to be able to view the logs without root privileges.
Add your user to the systemd-journal group to be able to view the logs without root privileges.
deadbang