Back to HaCluster | Forward relatime events to a SIEM/log sink | Legal logs main section
This is to avoid malicious or illegal use of this Internet access, in the interest of users and the provider.
However, this conservation of logs is regulated
According to the law concerning logs in Article 6 II, decreed on March 24, 2006 ISPs, the obligation to preserve data is valid for an optimal period of one year.
Beyond this period, these data can be anonymized.
The purpose of the preservation is the possibility to easily identify a person suspected of illegal acts or words with the help of his navigation data.
It is then possible to request a deconfidentialization of the stored information if necessary.
This is only available to judicial authorities as part of an official investigation.
¶ Centralize access events and storage.
When connecting a new backend to the HaCluster, it is automatically defined to send relatime access events using syslog to the HaCluster Load-balancer service.
The HaCluster is able to store and rotate legal logs automatically on its disk.
You are able to set HaCluster to put all events containers to a Remote NAS system.
¶ Do backends also write their logs locally?
Yes, by default backends stores their logs locally and continue to rotate their legal logs.
This means, by default, that the logs are stored in two places. On backend proxies and on the load-balancer itself.
To ensure that proxies have no influence and have the best performance, we suggests that backend proxies do not store and generate real time logs.
- On the “Backends” section and “Central Configuration” table, turn ON the “Disable Realtime Events on Backends” option and click on Apply button.
