Help

Collecting users System logs each night

ckerry
New Contributor

Posted on ‎06-24-2016 08:49 PM

We have a financial institution we are bring on as a client. The are looking to collect all the system logs from each computer every night and keep each for 90 days. I have seen others have scrips to collect system logs at time of an incident when someone is having an issue but nothing that will collect user data for security reason automatically. Can some point me in the correct direction of a 3rd party product of ideas to facilitate this with Casper?

0 Kudos
1 REPLY 1

tobiaslinder
Contributor II
Contributor II

Posted on ‎06-24-2016 11:09 PM

Hi Ckerry

I can recommend you the eei-logs-auto-collect.sh by Alex Kim from UC Berkeley. You can find it in this threat:

https://jamfnation.jamfsoftware.com/discussion.html?id=14108

just let it run as daily policy and set the client side limitation to run only after log rotation so you have the whole day covered.

I use this myself. Just adopted it to mount a WebDAV volume as a destination that is reachable from everywhere.

With best regards, Tobias Linder

0 Kudos