For tips on collecting these logs, see the admin guide <investigating_logs>.
- AppArmor and grsec errors:
/var/log/kern.log - iptables:
/var/log/syslog
- Apache:
/var/log/apache2/*
If an error is triggered it's in the SecureDrop application logs: /var/log/apache2/source-error.log and /var/log/apache2/journalist-error.log
OSSEC :
/var/ossec/logs/ossec.log /var/ossec/logs/alerts/alerts.logPostfix/Procmail :
/var/log/mail.log /var/log/procmail.log