How to send Apache HTTPD access.log to syslog

In the file: /etc/http/conf/httpd.conf

Look for this line:

CustomLog logs/access_log combined

And then add this line right after it:

CustomLog |/usr/local/etc/LongTail_send_access_to_syslog.pl combined

Run this command to install the required Perl module:

cpan Sys::Syslog

Then create this file in /usr/local/etc/ (the path used in the CustomLog line above) and make it executable: LongTail_send_access_to_syslog.pl

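#!/usr/bin/perl
use strict;
use warnings;
use Sys::Syslog qw( :DEFAULT setlogsock );
setlogsock('unix');
openlog('LongTail_apache', 'pid', 'auth');
# I use 'auth' for LongTail, you can choose something else.
# Pass each line as the argument to '%s', never as the format string:
# access-log lines contain '%' (URL encoding), which syslog() would
# otherwise interpret as sprintf directives and mangle the message.
while (my $log = <STDIN>) {
    syslog('notice', '%s', $log);
}
closelog();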

Then restart Apache and your access.log entries will also be sent to syslog.
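Apache starts piped log programs from its parent process, which normally runs as root, so the logger script named in the CustomLog line must not be modifiable by other accounts. The check below is an added example, not part of the original notes; the function names and the LOGGER_OWNER_UID variable are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: audit the piped CustomLog programs named in an httpd config.
# uid expected to own each logger: 0 (root) on a real server (assumed variable).
LOGGER_OWNER_UID=${LOGGER_OWNER_UID:-0}

# Print the program path of every piped CustomLog directive in file $1.
# Matches  CustomLog |/path fmt  and  CustomLog "|/path args" fmt;
# commented-out directives and plain file targets are ignored.
piped_log_programs() {
    sed -n 's/^[[:space:]]*CustomLog[[:space:]]\{1,\}"\{0,1\}|[[:space:]]*\([^"[:space:]]*\).*/\1/p' "$1"
}

# True if group or other has write permission on $1 (file or directory).
writable_by_others() {
    [ -n "$(find "$1" -prune \( -perm -020 -o -perm -002 \) -print 2>/dev/null)" ]
}

# True only if $1 is an executable regular file owned by the expected uid,
# and neither the file nor its directory can be written by group or other.
logger_is_safe() {
    [ -f "$1" ] && [ -x "$1" ] || return 1
    [ "$(ls -ldn "$1" | awk '{print $3}')" = "$LOGGER_OWNER_UID" ] || return 1
    ! writable_by_others "$1" && ! writable_by_others "$(dirname "$1")"
}

# Check every piped logger in config file $1; return non-zero if any fails.
audit_httpd_conf() {
    rc=0
    for prog in $(piped_log_programs "$1"); do
        if logger_is_safe "$prog"; then
            echo "OK   $prog"
        else
            echo "FAIL $prog"
            rc=1
        fi
    done
    return $rc
}

# Usage: sh audit.sh /path/to/httpd.conf
if [ "$#" -ge 1 ]; then
    audit_httpd_conf "$1"
fi
```

A FAIL line means the logger is missing, not executable, not owned by the expected uid, or sits where group or other can overwrite it.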

Quick Notes On Kippo For CentOS 6.5


# mostly stolen from
# http://www.karmicsangoma.co.za/2014/03/installing-kippo-honeypot-on-centos.html
adduser <username>
passwd <username>
yum install wget unzip twisted
vi /etc/ssh/sshd_config # Change port to 65000, PermitRootLogin no
ssh <username>@<hostname> -p 65000
iptables -A PREROUTING -t nat -i eth0 -p tcp --dport 22 -j REDIRECT --to-port 2222

wget https://github.com/desaster/kippo/archive/master.zip
unzip master.zip
cd kippo-master/
cp kippo.cfg.dist kippo.cfg
vi kippo.cfg # change ssh_version_string
vi data/userdb.txt  #Add users and passwords

chown -R <username> .
su <username>
./start.sh
ssh <username>@<hostname> # to test