User Tools

Site Tools


userguide:sitestats:logconfig

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision
Previous revision
userguide:sitestats:logconfig [2018/05/01 11:20]
userguide:sitestats:logconfig [2018/05/25 09:46] (current)
Line 2: Line 2:
 [[userguide:​servermanagement|Server Management]] > [[userguide:​servermanagement:​systemsettings|System Settings]] > Data Retention [[userguide:​servermanagement|Server Management]] > [[userguide:​servermanagement:​systemsettings|System Settings]] > Data Retention
  
-===Prefaxe===+===Preface===
  
 Like any other Linux server BlueOnyx will also gather logfiles that contain information about system and network related events. Such as which IP addresses tried to connect to which services and what transactions they performed while doing so. Like any other Linux server BlueOnyx will also gather logfiles that contain information about system and network related events. Such as which IP addresses tried to connect to which services and what transactions they performed while doing so.
Line 23: Line 23:
 ==== Logfile Retention ==== ==== Logfile Retention ====
  
-(All information hereafter assumes you DO have the updates from 30th April 2018 (and later) installed).+(All information hereafter assumes you DO have the updates from 24th May 2018 (and later) installed).
  
-By default BlueOnyx 5207R/​5208R/​5209R keep 14 days of logfiles in /var/log/. After 14 days these logfiles are deleted from /var/log/.+By default BlueOnyx 5207R/​5208R/​5209R keep 14 days of logfiles in /var/log/. After 14 days these logfiles are deleted from /var/log/. **German BlueOnyx operators are advised to store logfiles for no longer than [[https://​www.blueonyx.it/​index.php?​mact=News,​cntnt01,​detail,​0&​cntnt01articleid=231&​cntnt01origid=54&​cntnt01pagelimit=4&​cntnt01returnid=54|7 days]]**.
  
 However: Some usage information from these logs (pertaining to HTTP, HTTPS, FTP and Email) is extracted daily from the combined logs and is moved over to the /logs/ directories of the individual Virtual Sites that were end-point for that traffic. The information gathered this way is made available to the Server Admin as well as the respective siteAdmin'​s via the BlueOnyx GUI interface in various places, such as: However: Some usage information from these logs (pertaining to HTTP, HTTPS, FTP and Email) is extracted daily from the combined logs and is moved over to the /logs/ directories of the individual Virtual Sites that were end-point for that traffic. The information gathered this way is made available to the Server Admin as well as the respective siteAdmin'​s via the BlueOnyx GUI interface in various places, such as:
Line 32: Line 32:
       * [[userguide:​sitemanagement|Site Management]] > [[userguide:​servermanagement:​usageinformation|Usage Information]]       * [[userguide:​sitemanagement|Site Management]] > [[userguide:​servermanagement:​usageinformation|Usage Information]]
  
 +Further processing of such aggregated logfile data is also handled by '​Webalizer',​ '​SendmailAnalyzer'​ (both are included in BlueOnyx by default) and optional PKGs such as '​AWStats'​.
 +
 +As the logfile data (and the generated statistics) contain personal information such as IP addresses this data falls squarely within the scope of the '​GDPR'​ and must be handled with care. 
 +
 +==== Data Expiry ====
 +
 +The BlueOnyx GUI by default keeps the Virtual Site logfile snippets for 5 years. Individual (shorter) retention periods can be configured on a per Virtual Site level.
 +
 +The updates from 30th April 2018 and 24th May 2018 introduce the following changes in that regards:
 +
 +      * Possibility to set a "​Server Logfile Retention"​ period. This defines how long server logfiles in /var/log/* will be retained. Default is 14 days, but you *have* to check which retention period for logfiles is legally acceptable in your own jurisdiction. For example: **German BlueOnyx operators are advised to store logfiles for no longer than [[https://​www.blueonyx.it/​index.php?​mact=News,​cntnt01,​detail,​0&​cntnt01articleid=231&​cntnt01origid=54&​cntnt01pagelimit=4&​cntnt01returnid=54|7 days]]**.
 +
 +      * Possibility to set a maximum "Vsite Usage Information"​ retention period. This is still set to 5 years by default. But if you set it to a shorter period (example: 1 year), then no Virtual Site may keep their logfiles for longer than that. They can choose a shorter retention period, but not one that exceeds the value defined under "Vsite Usage Information"​.
 +
 +      * Automatic anonymization of IP addresses stored within Virtual Site logfiles aggregated after the updates from 30th April 2018 have been installed. IPv4 IP addresses in these logs will have their 4th octet set to '​0'​ and IPv6 IP addresses will have their last byte stripped off. This provides sufficient anonymization so that an IP address anonymized in this fashion cannot be attributed to a single end-user.
 +
 +      * Usage information gathered by '​SendmailAnalyzer'​ is now also directly anonymized.
 +
 +      * Ability to purge existing (unanonymized) Virtual Site logfiles, '​Webalizer',​ '​AWStats'​ and '​SendmailAnalyzer'​ statistics by setting individual checkboxes and saving this page.
 +
 +Doing so will remove historical logfiles and statistics, so that from then on only properly anonymized historical usage information is stored for a configurable amount of time.
 +
 +==== Additional Services ====
 +
 +A BlueOnyx server may also contain other third party additions or modifications which fall under the scope of the '​GDPR'​. Compliance of these additional components is outside of the scope of what BlueOnyx provides or stands for.
 +
 +==== AV-SPAM ====
 +
 +The optional '​AV-SPAM'​ Package for BlueOnyx also does forms of data retention, depending on how it is configured. Some of that also falls under the scope of the GDPR. For example the feature '​Milter-GeoIP'​ (if enabled) tracks IP addresses of SMTP- and SMTP-Auth connections and stores them into a MySQL/​MariaDB database to aggregate a history of email volume and sender behavior (to track illegal sending attempts). Naturally this information is not anonymized, as that would defeat the purpose. Under the GDPR it may be necessary for you to obtain and preserve documentation of the consent of your email users to this kind of data aggregation.
 +
 +However: There is a checkbox named '​AV-SPAM data expiry'​ which can be set. If set, all MySQL/​MariaDB data pertaining to '​Milter-GeoIP'​ will be expired at the end of the retention period specified under 'Vsite Usage Information'​.
  
-  
  
userguide/sitestats/logconfig.1525137610.txt.gz ยท Last modified: 2018/05/01 11:20 by