[rbldnsd] OT: Advise needed on what RBL operators supposed to do with logs

William Leibzon william at completewhois.com
Mon Sep 26 09:40:00 MSD 2005


On Sun, 25 Sep 2005, Jon Lewis wrote:

> But seriously, what do you need from the logs?  Either condense out the data 
> you want from them, and store just that, or don't log at all.

I try to use them to get summaries, i.e. number of hits, number of individual 
query sources, etc. I don't have a very good summary generation program so it
is useful to have logs in case I want to see what it was like a few days ago.
In case somebody is reporting an error, I may also sometimes try to see what
logs show for those queries for that time, etc.

In general I'm one of those people who has a hard time getting rid of old 
stuff (yes, my office is a mess) and I keep copies of all logs on the
unix systems just in case too - which is not that unusual since I'm also
into security and you never know when it might come in handy a month later...

I guess this is the case where I have to realize that not everything
is worth saving.... I'll start deleting all logs after 5 days now
(and thanks for everyone's information on what to do with the logs -
I understood that removing the log file is not only not unusual but
in fact normal process when one runs one of the more actively used
rbl lists).

---
William Leibzon
   mailto: william at completewhois.com
Anti-Spam and Email Security Research Worksite:
   http://www.elan.net/~william/emailsecurity/
Whois & DNS Network Investigation Tools:
   http://www.completewhois.com