Secure and sign the logs

Dear community

I save the logs of my servers in a Graylog server v2.4.6 and I want to know how to secure and sign the logs and be sure about the integrity of the logs.
The objective it’s nobody can edit or remove the logs and if people do that how to know it ?

It’s possible ??

Thank you :wink:


Not out of the box. Sorry :slight_smile:

Thank for your answer but I don’t understand which box do you talk about ?

Sorry Kevin, “out of the box” is a bit of a slang term for “not the way it comes by default” - if you want signed logs, you probably will need a plugin, or a pipeline that uses one of the sha/murmur hash functions to get a hash key, and security/access control on the elasticsearch side to prevent any index that Graylog is not writing to from being modified.

Oh… thank you ! :slight_smile:

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.