topic Re: /etc/syslog.conf in Operating System - Linux

/etc/syslog.conf

susee_sundar — Thu, 15 Jun 2006 23:50:51 GMT

Hi,

I want to log all the bad login attempts in my Linux 7.2 server.

I created the /var/adm/btmp log file

#touch /var/adm/btmp

--->Is there any entry I need to put in /etc/syslog.conf file for enabling the badlogin attempts.
--->Else I need to start any service for the same..?
--->I want to log the ssh bad login attempts also Is there any other configuration for the same..?

Expecting the Reply from All....

Re: /etc/syslog.conf

debian111 — Fri, 16 Jun 2006 00:40:05 GMT

Hi Susee_sindar,

you can find login attemps in /var/log/auth.log

/var/log/lastlog
/var/log/messages

in /var/log you can find all logs related to your system, just keep them reading. Also you can read syslog.conf(5) manpage.

In fact in /var/log/auth.conf you can find all login attempts to your system. ( ITRC members correct me if I am wrong )

Best regards

Re: /etc/syslog.conf

susee_sundar — Fri, 16 Jun 2006 01:06:44 GMT

I tried this by creating /var/log/auth.log file but still the bad login attempts are not getting logged..

Re: /etc/syslog.conf

debian111 — Fri, 16 Jun 2006 02:07:30 GMT

I think /var/log/auth.log is created during installation process
Here is mine ( part ) /vat/log files
drwxr-xr-x 2 root root 4096 2006-02-28 17:31 apache
drwxr-xr-x 2 root root 4096 2006-02-28 17:23 apache2
-rw-r--r-- 1 root root 25173 2005-11-15 10:07 aptitude
drwxr-xr-x 4 asterisk asterisk 4096 2006-03-23 15:15 asterisk
-rw-r----- 1 root adm 1068581 2006-06-16 11:00 auth.log

You have to have auth.log file there or I think you should check your distro documentation, because this file may be located on different locations depending on which distro you use

Regards

Re: /etc/syslog.conf

susee_sundar — Wed, 21 Jun 2006 02:13:28 GMT

I am closing the thread But I didnt get a solution.