How to encrypt IIS log files?

glenimp617

glenimp617

glenimp617

Soldato
Joined
30 Sep 2005
Posts
16,812
We have a requirement come in to encrypt the log files on our IIS server.

Does anyone have any ideas how I go about this? I assume there's either a setting to do this, or is it a case of having to copy them somewhere and then encrypt?

Help!
 
rhysduck said:
I don't believe there is such a setting in IIS / Windows to do that. Encrypted partition is probably the best.

Can I ask why you require to encrypt your iis logs?
Click to expand...

I think it all started from a GDPR meeting. We do hold personal data coming in from a website we host.

What's some good software to encrypt partitions?
 
skyripper said:
What is your actual requirement? What are you protecting against and from whom?

An encrypted partition in Windows is going to give you protection only against someone getting to the disks who isnt an authorised admin. Any authorised admin will effectively see the IIS logs in plain text.

If you need to protect the contents of the logfiles (which is counter-productive to troubleshooting and normal admin!) then you need some form of logshipping to a secure server or service, or an automated way to encrypt all the logfiles as they are finished with.

Would it be easier to simply not record all that personal information in the logfiles?
Click to expand...

You raise a good point, anyone who hacks the server will still be able to see the data won't they.

Mmmmmm, I'll ask what they are actually wanting to do and why. I think basically it's one of those, we read it online that we need to do it, so do it
 
LizardKing said:
Do you need to log ip's? i suspect having a retention of a day should be fine (gdpr is more risk based than a list of rules), otherwise you need to ship them off to a syslog server that can meet the requrments.
Click to expand...

Possibly not to be honest. I guess we only need it when troubleshooting (maybe)
 
You must log in or register to reply here.
Back
Top Bottom