Here is a very quick and easy way to get your Apache2 logs into syslog-ng so you can send them to a central log server or a remote logging server for security in case of a breach.
#/etc/syslog-ng/syslog-ng.conf
#Define a new source that essentially 'tails' the apache logs
source s_apache2 {
file("/var/log/apache2/access.log" flags(no-parse));
file("/var/log/apache2/error_log" flags(no-parse));
};
#Send the logs off to a remote logging server (if required)
destination loghost { tcp("10.0.0.123" port(5140)); };
log { source(s_src); destination(loghost); };
log { source(s_apache2); destination(loghost); };
#Define a new source that essentially 'tails' the apache logs
source s_apache2 {
file("/var/log/apache2/access.log" flags(no-parse));
file("/var/log/apache2/error_log" flags(no-parse));
};
#Send the logs off to a remote logging server (if required)
destination loghost { tcp("10.0.0.123" port(5140)); };
log { source(s_src); destination(loghost); };
log { source(s_apache2); destination(loghost); };