Good day everyone, we have a web based POS PHP program hosted on a VPS. One of the users has his/her account username and password acquired by an unknown person and encoded data to the database through the program. Our program has a function that records date and time but not the IP used by the user to login to the program.
I have access to our Linux server which is running Centos 5 OS, is there a way to get the history of IP addresses that connected to our server through http or our web based program on the specific date and time the data was encoded through netstat command or any software/tools?
I already contacted the tech support of our VPS and they replied that it is the responsibility of the administrator to install software/tools to monitor server activity and logs. Aside from updating our program to include a function that will record the IP of a user whenever he/she logs in, can you guys recommend any Linux software/tools that can monitor daily server activity, specifically one that can record IP address, date and time whenever a user accesses our server via http or our web program?
I read a thread on ipclog & constat, would this tool provide the details I need for daily server activity and logs monitor?
I'm fairly new to the Linux environment and my knowledge in Linux administration is limited. I hope you guys can help me, thank you very much.
No comments:
Post a Comment