forensic Apache log analysis
I have a problem with a RHEL server and I want to ask you for some advice.
I'm not a security expert so I don't know which can be the best approach to
solve my problem.
The problem is that I have several gigabytes of Apache logs and I need to
look for attacks in them to check if the server has been compromised.
I can manually check some possible attack URLs and look for them in the
logs, but I'm sure there must be tools or techniques to do these in the
So, any idea that can help me?
Thank you very much in advance,
redhat-list mailing list