Do you keep access logs? How long do you keep them?

I imagine that if you ever got a request, you’d understandably just give in and hand out the data. Have you thought of a canary?

Thanks for all your work!

  • snoweMA
    link
    fedilink
    arrow-up
    78
    ·
    edit-2
    11 months ago

    I’m not in the business of collecting user data and don’t really want to be. In regards to logs, we restart our containers every 6 hours and the logs are wiped at that time, so the furthest back logs I can actually find in our system are from an hour ago.

    And nah, I wouldn’t give in. There’s no real reason to request that information, as accessing a url means absolutely nothing. I did so just now to verify things and the same could be argued by any real user (oh, I clicked on the link and didn’t know what it was going to). I very much doubt the past 6 hours of logs would be useful anyway, as by the time I got the request the logs wouldn’t matter anymore.

    But, I’m still going to see if I can turn off logging for requests. I do not think we need them at all, and if we do, we can simply turn it on for a few minutes to get the info we need.

      • snoweMA
        link
        fedilink
        arrow-up
        12
        ·
        11 months ago

        Thank you for the good post. And at this point, most of the work is being done by Ategon and the other admins. I am mostly here for infrastructure support and general direction of the instance.

    • Die4Ever
      link
      fedilink
      arrow-up
      6
      ·
      edit-2
      11 months ago

      as accessing a url means absolutely nothing.

      Hmmm yes I see Google’s search indexer has accessed this URL, they should get sued!