This topic describes management of the /var/log/secure and /var/log/secure.ext logs stored on the CTPView server. The secure log provides an audit trail of user and administrator activity on the CTPView server. All actions performed on the CTPView server through the menu are logged and viewable. These logs do not record actions taken through the CTPView GUI.
Before you begin, log in to the CTPView server and access the CTPView Configuration Menu. See Accessing the CTPView Server Configuration Menu (CTPView Server Menu).
To manage event logs, you must first access the Secure Log Management Menu:
The Main Security Profile Configuration Menu is displayed.
The Secure Log Management Menu is displayed.
To display all secure logs:
Before you perform this operation, you must have the IP address, username, and path to the directory in the user’s account where the files will be copied.
To copy the logs to a remote host using secure copy (scp):
You can enable the secure logs to be automatically logged to one or more remote servers.
To configure remote logging options:
When you enable or disable remote logging, the system logger is shut down and then restarted to either send or stop sending subsequent logs to the remote servers.
To display the remote logging configuration:
The status of remote logging is displayed. When remote logging is enabled, the IP address of the remote logging servers is also displayed.