13.4.12.2 Check integrity of access log
An access log is of little value if we cannot make sure that the log itself cannot be falsified. For this reason keys are generated for each entry in table 'access', keys that later on may serve to confirm the accuracy of the entries. The technology used here was taken from the application 'md5sum'. When so-called 'signing' of the entries takes place, it is always the entries that are signed as well as the hash of the previous entry. This is the reason why it is possible to ascertain later on whether all entries were correctly created. But only if the hash of the first and last (most current) entry are known. Consequently, we recommend that you save the first hash in a different place after you have turned on the access log function, and to save the most current hash from time to time too.
If you have a good backup concept, it is unnecessary to manually note the hash as these keys are automatically saved in the backups.