[rsyslog-notify] Forum Thread: Re: Digital signatures & MySQL - (Mode 'reply')
noreply at adiscon.com
noreply at adiscon.com
Mon Mar 24 05:15:41 CET 2014
User: dlang
Forumlink: http://kb.monitorware.com/viewtopic.php?p=24426#p24426
Message:
----------
digital signing of logs and databases basically don't mix.
you could sign each log entry individually, but the overhead of doing that
would kill you.
The rsyslog log signing is signing the text logs as a batch, including the
fact that there are not any logs missing from that batch.
The right thing to do is to keep a simple flat-file version of the logs
that is signed, and then when you need to validate your mysql logs, you can
compare them to the flat file.
More information about the rsyslog-notify
mailing list