Differences

This shows you the differences between two versions of the page.

--- userguide:sitestats:logconfig [2018/05/01 11:20]
+++ userguide:sitestats:logconfig [2018/05/01 11:40]
@@ Line 2: / Line 2: @@
 [[userguide:servermanagement|Server Management]] > [[userguide:servermanagement:systemsettings|System Settings]] > Data Retention
-===Prefaxe===
+===Preface===
 Like any other Linux server BlueOnyx will also gather logfiles that contain information about system and network related events. Such as which IP addresses tried to connect to which services and what transactions they performed while doing so.
@@ Line 32: / Line 32: @@
       * [[userguide:sitemanagement|Site Management]] > [[userguide:servermanagement:usageinformation|Usage Information]]
+Further processing of such aggregated logfile data is also handled by 'Webalizer', 'SendmailAnalyzer' (both are included in BlueOnyx by default) and optional PKGs such as 'AWStats'.
+As the logfile data (and the generated statistics) contain personal information such as IP addresses this data falls squarely within the scope of the 'GDPR' and must be handled with care.
+==== Data Expiry ====
+The BlueOnyx GUI by default keeps the Virtual Site logfile snippets for 5 years. Individual (shorter) retention periods can be configured on a per Virtual Site level.
+The updates from 30th April 2018 introduce the following changes in that regards:
+      * Possibility to set a maximum "Vsite Usage Information" retention period. This is still set to 5 years by default. But if you set it to a shorter period (example: 1 year), then no Virtual Site may keep their logfiles for longer than that. They can choose a shorter retention period, but not one that exceeds the value defined under "Vsite Usage Information".
+      * Automatic anonymization of IP addresses stored within Virtual Site logfiles aggregated after the updates from 30th April 2018 have been installed. IPv4 IP addresses in these logs will have their 4th octet set to '0' and IPv6 IP addresses will have their last byte stripped off. This provides sufficient anonymization so that an IP address anonymized in this fashion cannot be attributed to a single end-user.
+      * Usage information gathered by 'SendmailAnalyzer' is now also directly anonymized.
+      * Ability to purge existing (unanonymized) Virtual Site logfiles, 'Webalizer', 'AWStats' and 'SendmailAnalyzer' statistics by setting individual checkboxes and saving this page.
+Doing so will remove historical logfiles and statistics, so that from then on only properly anonymized historical usage information is stored for a configurable amount of time.
+==== Additional Services ====
+A BlueOnyx server may also contain other third party additions or modifications which fall under the scope of the 'GDPR'. Compliance of these additional components is outside of the scope of what BlueOnyx provides or stands for.
+==== AV-SPAM ====
+The optional 'AV-SPAM' Package for BlueOnyx also does forms of data retention, depending on how it is configured. Some of that also falls under the scope of the GDPR. For example the feature 'Milter-GeoIP' (if enabled) tracks IP addresses of SMTP- and SMTP-Auth connections and stores them into a MySQL/MariaDB database to aggregate a history of email volume and sender behavior (to track illegal sending attempts). Naturally this information is not anonymized, as that would defeat the purpose. Under the GDPR it may be necessary for you to obtain and preserve documentation of the consent of your email users to this kind of data aggregation.
+However: There is a checkbox named 'AV-SPAM data expiry' which can be set. If set, all MySQL/MariaDB data pertaining to 'Milter-GeoIP' will be expired at the end of the retention period specified under 'Vsite Usage Information'.

wiki.blueonyx.it

User Tools

Site Tools

Differences

Page Tools