Many compliance specifications require logfile integrity monitoring. I'm at a loss of how to do this properly with FreeBSD without writing my own code. I'm looking at checking log files that grow for a while, get rotated to a different name and then later compressed and I want to do this with text files as well as binary files from OpenBSM. Tools like OSSEC seem to have some smarts when it comes to expanding log files or renamed logs but they don't seem to detect when the early parts of an expanding log have have been tampered with. Is there a simple tool that checksums a log up to its previously checked size to detect that or knows its been compressed? I expect the 1st answer is "move your logs to a more secure log server" but I have the same problem on that server too. What are the common solutions for doing this?