The easiest way to prevent any data, including log files, from alteration and forgery is to place them on WORMdisks which are SATA hard disk drives with Write Once Read Many (WORM) capability for permanent protection (see https://en.wikipedia.org/wiki/Write_once_read_many) and (https://greentec-usa.com). These WORMdisks appear as an ordinary hard disk drive to the system and use standard SATA, USB, or eSATA and work with standard applications (e.g. use as the 😧 drive or mount point). This way the log files can be protected online and remain searchable. They can be used as individual disks or networked NAS or SAN storage. This is a NIST SP 1800-11 Data Integrity standard technology to be tamper-proof and impossible to circumvent.
... View more