Useful Logs

Both servers

  • AppArmor and grsec errors: /var/log/kern.log
  • iptables: /var/log/syslog

Application Server

  • Apache: /var/log/apache2/*

If an error is triggered it’s in the SecureDrop application logs: /var/log/apache2/source-error.log and /var/log/apache2/journalist-error.log

Monitor Server

  • OSSEC

    /var/ossec/logs/ossec.log
    /var/ossec/logs/alerts/alerts.log
    
  • Postfix/Procmail

    /var/log/mail.log
    /var/log/procmail.log