how monitor log ? zabbix or kiwi?

Started by Koza Dereza, Jun 18, 2022, 02:04 AM

Previous topic - Next topic

Koza DerezaTopic starter

which system you use for save log from servers?
zabbix ? prtg ? kiwi ? ... ?

Сергей Нижегородцев

Zabbix is very good with Grafana UI


Yes, ;)  zabbix is ��flexible in terms of adding custom things. therefore, I use it can be adapted to any requirements of both the security department and the technical support department


If only you manage your server, then sending notifications about successful authorizations most likely makes no sense. If there are several people, then you can configure checking the connections of someone specific, or all users. That is up to you. I will provide a finished template at the end.

All will be done using the regular functionality of zabbix. On the hosts, nothing needs to be configured, except for issuing read permissions to the log file for the zabbix group. So you have to sacrifice a little local security policy. By default, the system log cannot be read by anyone except root. Fixing that in Centos:

# chgrp zabbix /var/log/secure
# chmod 640 /var/log/secure

and the same in Debian/Ubuntu

# chgrp zabbix /var/log/auth.log
# chmod 640 /var/log/auth.log

All is ready on the host.