HPE Community
Operating System - Linux
1753766 Members
5814 Online
108799 Solutions
New Discussion юеВ

how to log sudo activities in separate log file

 
SOLVED
Go to solution
senthil_kumar_1
Super Advisor

тАО04-07-2009 07:07 AM

тАО04-07-2009 07:07 AM

how to log sudo activities in separate log file

Hi

I am using Redhat, Suse and HP-UX.

There is some users are configured in sudo.

So i want to log all sudo activities in separate file.

Pls answer my following questions:

1) what is default log file where all sudo activities are stored in Redhat, suse and HP-UX

2) How to store sudo activities in separate log file in Redhat, Suse and HP-UX.

pls explain for each OS.
0 Kudos
Reply
6 REPLIES 6
Ivan Ferreira
Honored Contributor

тАО04-07-2009 07:31 AM

тАО04-07-2009 07:31 AM

Re: how to log sudo activities in separate log file

1) Normally, sudo messages are sent to syslog.

2) Add a line like this to the defaults specification:

Defaults logfile=/var/log/sudo.log
Por que hacerlo dificil si es posible hacerlo facil? - Why do it the hard way, when you can do it the easy way?
Reply
senthil_kumar_1
Super Advisor

тАО04-07-2009 07:44 AM

тАО04-07-2009 07:44 AM

Re: how to log sudo activities in separate log file

Hi

in which file we have to add this line.

pls tell me for Redhat, suse and HP-UX separately.

is sudo logs only will be stored in /var/log/sudo.log after adding this entry?

or

is all the logs of /var/log/messages" is transfered to "/var/log/sudo.log"
0 Kudos
Reply
Avinash20
Honored Contributor

тАО04-07-2009 09:54 AM

тАО04-07-2009 09:54 AM

Re: how to log sudo activities in separate log file

sudo can log both successful and unsuccessful attempts (as well as errors) to syslog(3), a log file, or both. By default sudo will log via syslog(3) but this is changeable at configure time or via the sudoers file.
"Light travels faster than sound. That's why some people appear bright until you hear them speak."
Reply
Avinash20
Honored Contributor

тАО04-07-2009 09:57 AM

тАО04-07-2009 09:57 AM

Re: how to log sudo activities in separate log file

Refer to http://www.gratisoft.us/sudo/man/sudoers.html

and search for sudo.log
"Light travels faster than sound. That's why some people appear bright until you hear them speak."
Reply
Avinash20
Honored Contributor

тАО04-07-2009 10:00 AM

тАО04-07-2009 10:00 AM

Solution

Re: how to log sudo activities in separate log file

I would change the sudoers file with visudo to read this way:

Defaults logfile=/var/adm/sudo.log

The log file which we generally mention is
/var/log/sudo.local.log

Since /var/log does not exist, it get to the the default destination syslog.log
"Light travels faster than sound. That's why some people appear bright until you hear them speak."
Reply
Ivan Ferreira
Honored Contributor

тАО04-07-2009 11:38 AM

тАО04-07-2009 11:38 AM

Re: how to log sudo activities in separate log file

>>> in which file we have to add this line.

Just run as root the visudo command

>>> pls tell me for Redhat, suse and HP-UX separately.

Same for all

>>> is sudo logs only will be stored in /var/log/sudo.log after adding this entry?

Only sudo logs
Por que hacerlo dificil si es posible hacerlo facil? - Why do it the hard way, when you can do it the easy way?
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.