sftp logging and parsing
mike tancsa
mike at sentex.net
Wed May 17 05:03:59 AEST 2023
Our old method of parsing sftp logs is starting to wear a bit thin. For
people who are using OpenSSH for sftp transfers, how are you doing log
management? How are you parsing it into your SIEM (if you are using
one)? If so, how? As part of our compliance and support requirements
we log all the commands per session. Ideally, we would like to
continuously integrate activities into a SQL table that we can quickly
query if the need arises. Anyone on the list doing that? How do you do
it? Or are people using different products for that? Users are all in
chrooted environments, FYI.
---Mike
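A sketch of the per-session SQL table the message asks about, as an added example that is not part of the original post or of OpenSSH. It assumes sftp-server/internal-sftp logging at `-l INFO` with a traditional syslog line prefix; the sample lines are constructed, and the table and function names are hypothetical.

```python
import re
import sqlite3

# Constructed sample lines (assumed INFO-level sftp-server messages).
SAMPLE = '''\
May 16 12:00:01 sftp1 internal-sftp[4242]: session opened for local user alice from [192.0.2.10]
May 16 12:00:02 sftp1 internal-sftp[4242]: opendir "/upload"
May 16 12:00:03 sftp1 internal-sftp[4242]: open "/upload/q1 report.csv" flags WRITE,CREATE,TRUNCATE mode 0644
May 16 12:00:04 sftp1 internal-sftp[4242]: close "/upload/q1 report.csv" bytes read 0 written 1834
May 16 12:00:05 sftp1 internal-sftp[4300]: session opened for local user bob from [198.51.100.7]
May 16 12:00:06 sftp1 internal-sftp[4300]: remove name "/upload/old.csv"
May 16 12:00:07 sftp1 internal-sftp[4242]: session closed for local user alice from [192.0.2.10]
May 16 12:00:08 sftp1 sshd[4299]: Accepted publickey for bob from 198.51.100.7 port 50022 ssh2
'''.splitlines()

LINE = re.compile(r'^(?P<ts>\w{3}\s+\d+ [\d:]{8}) (?P<host>\S+) '
                  r'(?:internal-sftp|sftp-server)\[(?P<pid>\d+)\]: (?P<msg>.*)$')
SESSION = re.compile(r'^session (opened|closed) for local user (\S+) from \[([^\]]+)\]$')
PATH = re.compile(r'"([^"]*)"')  # first quoted argument of the command

def load(lines, db):
    """Insert one row per sftp log line, tagging each command with its session's user."""
    db.execute("CREATE TABLE IF NOT EXISTS sftp_events (ts TEXT, host TEXT, pid INTEGER,"
               " user TEXT, client TEXT, verb TEXT, path TEXT, raw TEXT)")
    active = {}  # (host, pid) -> (user, client); a PID identifies one session while it is open
    for line in lines:
        m = LINE.match(line)
        if not m:
            continue  # not an sftp-server line (e.g. sshd auth messages)
        key, msg = (m["host"], int(m["pid"])), m["msg"]
        s = SESSION.match(msg)
        if s:
            user, client, verb = s[2], s[3], "session " + s[1]
            if s[1] == "opened":
                active[key] = (user, client)
            else:
                active.pop(key, None)  # PIDs get reused, so forget closed sessions
        else:
            # Commands carry no user name; NULL if the session start was not seen.
            user, client = active.get(key, (None, None))
            verb = msg.split(" ", 1)[0]
        p = PATH.search(msg)
        db.execute("INSERT INTO sftp_events VALUES (?,?,?,?,?,?,?,?)",
                   (m["ts"], key[0], key[1], user, client, verb, p[1] if p else None, msg))
    db.commit()
    return db

def commands_for(db, user):
    """Return (ts, verb, path) rows for one user, in insertion order."""
    return db.execute("SELECT ts, verb, path FROM sftp_events WHERE user = ? ORDER BY rowid",
                      (user,)).fetchall()
```

The syslog timestamp in this format has no year, and the `raw` column keeps the full message so that verbs this sketch does not break out (rename, mkdir, and so on) can still be queried.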
More information about the openssh-unix-dev
mailing list