https://community.hpe.com/t5/operating-system-tru64-unix/sysloging-from-remote-users/m-p/2971687#M7264 Here is an idea that I use on the UNIX systems I support (T64 included) that might help in the short term:<BR /><BR />I modify each user's profile to invoke a log entry each time the user logs in. Especially the root account. A few of my T64 systems, I had to give root psw to Security group, and a couple of others, so I did this to 'monitor' the login.<BR /><BR />If I'm not mistaken, aren't ftp's logged in the auth.log file in syslog.dated directory?<BR /><BR />Mike Elleby Sat, 17 May 2003 22:02:01 GMT Michael Elleby III_1 2003-05-17T22:02:01Z https://community.hpe.com/t5/operating-system-tru64-unix/sysloging-from-remote-users/m-p/2971685#M7262 Hi<BR />I am a SUN Sysadmin.<BR />Now i musst supervise a TRUE64 UNIX System. <BR /><BR />I would like to supervise all user log in. the user which via telnet, Rlogin etz at the system announce themselves. With SUN inetd the service with t must be started and in syslog.conf auth.notice inserts to become. What has to be done with TRUE64 everything? can someone help me? Tue, 13 May 2003 09:05:48 GMT https://community.hpe.com/t5/operating-system-tru64-unix/sysloging-from-remote-users/m-p/2971685#M7262 Bardill 2003-05-13T09:05:48Z https://community.hpe.com/t5/operating-system-tru64-unix/sysloging-from-remote-users/m-p/2971686#M7263 there are several ways to log user logins. <BR /><BR />First it is possible to use the old syslog.conf mechanism by adding the same keywords (man syslog.conf). <BR />In 5.x systems you can use the evm-system by filtering sys.unix.syslog.auth events (man evm).<BR />Or you can use the C2 subset (man secsetup)<BR />Or you can use the audit feature (man 7 audit)<BR /> Thu, 15 May 2003 09:19:44 GMT https://community.hpe.com/t5/operating-system-tru64-unix/sysloging-from-remote-users/m-p/2971686#M7263 Ralf Puchner 2003-05-15T09:19:44Z https://community.hpe.com/t5/operating-system-tru64-unix/sysloging-from-remote-users/m-p/2971687#M7264 Here is an idea that I use on the UNIX systems I support (T64 included) that might help in the short term:<BR /><BR />I modify each user's profile to invoke a log entry each time the user logs in. Especially the root account. A few of my T64 systems, I had to give root psw to Security group, and a couple of others, so I did this to 'monitor' the login.<BR /><BR />If I'm not mistaken, aren't ftp's logged in the auth.log file in syslog.dated directory?<BR /><BR />Mike Elleby Sat, 17 May 2003 22:02:01 GMT https://community.hpe.com/t5/operating-system-tru64-unix/sysloging-from-remote-users/m-p/2971687#M7264 Michael Elleby III_1 2003-05-17T22:02:01Z