cancel
Showing results for 
Search instead for 
Did you mean: 

SFTP Logging

 
AZayed
Super Advisor

SFTP Logging

Dears,
Good day,

I was able to redirect all SFTP connection log to /var/adm/syslog/xferlog but it's giving me a lot of unnecessary information like connection open/close, changing directory ...

I only need information like the one FTP write. e.g. the username, IP address, action ( delete , rename , add ) with the file name.

So, can I do this ? because the file size is growing fast.

This is the parameters for SFTP :

sftp-server -f LOCAL0 -l INFO

Regards,
Success seems to be connected with action. Successful people keep moving. They make mistakes, but they don't quit.
7 REPLIES
kemo
Trusted Contributor

Re: SFTP Logging

AZayed
Super Advisor

Re: SFTP Logging

Thanks but I couldn't find the answer I looking for.
Success seems to be connected with action. Successful people keep moving. They make mistakes, but they don't quit.
Matti_Kurkela
Honored Contributor

Re: SFTP Logging

SFTP does not use the traditional xferlog format FTP uses.

You may have to find or write a script to post-process the SFTP connection log, to discard the parts useless to you. If you wish, you could also convert the log to the xferlog format.

I could not find such a script quickly with Google. Perhaps nobody has done such a script before, or perhaps I didn't use the right keywords?

MK
MK
AZayed
Super Advisor

Re: SFTP Logging

Hi Matti,
How are you doing?

I liked this idea, do you know how to do it?

If you wish, you could also convert the log to the xferlog format.

Thanks
Success seems to be connected with action. Successful people keep moving. They make mistakes, but they don't quit.
James R. Ferguson
Acclaimed Contributor

Re: SFTP Logging

Hi:

The format of the 'xferlog' is documented in the manpages: 'xferlog(5)'.

Regards!

...JRF...
AZayed
Super Advisor

Re: SFTP Logging

Hi JRF,

Hope you doing well.

We need to turn off FTP and start using SFTP with logging. Now, every FTP session write single line to xferlog but SFTP writes a lot of line for single connection. I need to reduce these amount of lines.

Thanks
Success seems to be connected with action. Successful people keep moving. They make mistakes, but they don't quit.
James R. Ferguson
Acclaimed Contributor

Re: SFTP Logging

Hi (again):

> every FTP session write single line to xferlog but SFTP writes a lot of line for single connection. I need to reduce these amount of lines.

And Matti already suggested that you might read the SFTP log entries and reformat them into the form expected for 'xferlog'. My comment was that that format is documented in the manpages.

If you plan to turn *off* FTP altogether, I don't necessarily see any value to reformatting its log information into the 'xferlog' format. You need to first define what information you would want logged and if it is worth reducing the raw log entries into a more compact form. You need to define, too, what information you might want to gain from the log (raw or refined).

Regards!

...JRF...