在apache日志中搜索svn访问
[英]Search apache logs for svn access
问题描述
I want to rule out the possibility that a hacker might have accessed a SVN repository. 
我想排除黑客可能已经访问了SVN存储库的可能性。 Checking for commits is easy enough, just look at the SVN log. 检查提交非常简单,只需查看SVN日志即可。 However I want to find out if they simply viewed files (such as config files with passwords and API keys) through SVN. 但是我想找出他们是否只是通过SVN查看了文件(例如带有密码和API密钥的配置文件)。 I read that SVN doesn't keep access logs, so I have to search through the apache access_log. 我读到SVN不保留访问日志,因此我必须搜索apache access_log。
I tried doing a grep for our svn subdomain: grep "svn.our-domain.com" access_log but it came back with nothing found. 我尝试为我们的svn子域做一个grep: grep "svn.our-domain.com" access_log但它返回时没有任何结果。 I found out that our logs strip out the domain and just show you the file or directory being accessed. 我发现我们的日志删除了域,只显示了正在访问的文件或目录。 I decided to do a grep for the word "trunk" instead, and I got a bunch of hits on directories but no specific files. 我决定改写一个“ trunk”一词的grep,结果发现目录中有很多匹配项,但没有特定的文件。
Is there a way to get a log of all files accessed through SVN? 有没有办法获取通过SVN访问的所有文件的日志?
1 个解决方案
解决方案1
0 2015-08-18 12:22:04
At first, configure logging as described in Apache logging section of SVNBook . 首先,按照SVNBook的Apache日志记录部分中所述配置日志记录 。 Then parse high-level log (ie operational log which contains logical operations only). 然后解析高级日志 (即仅包含逻辑操作的操作日志)。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.