sftp logs to be rerouted

 
AbhilashPaul
Advisor

sftp logs to be rerouted

How can I reroute the log files of sftp from the syslog.log file? I am using an HP Unix 11.23 box.
4 REPLIES
Nido
Trusted Contributor
Solution

Re: sftp logs to be rerouted

Hello Abhilash,

Check for SyslogFacility in the following link:
http://docs.hp.com/en/5992-4213/5992-4213.pdf

On my machine SyslogFacility is disabled, which by default sets it to AUTH.

# grep -i syslo /opt/ssh/etc/sshd_config
#SyslogFacility AUTH


You may put entry like below in /opt/ssh/etc/sshd_config:

SysLogFacility LOCAL6


In /etc/syslog.conf add the following:
local6.notice /var/log/sftp


Restart the sshd daemon and it should log notice messages to /var/log/sftp.


Cheers!!
" Let Villagers Be Happy!! "
TTr
Honored Contributor

Re: sftp logs to be rerouted

An sftp client connects to the sshd service, so sftp logging is part of the overall sshd logging. You cannot separate only the sftp log entries out of the syslog file; you would have to separate all sshd logging. This would include logging from ssh and scp connections. Are you willing to do that?
TTr
Honored Contributor

Re: sftp logs to be rerouted

@Nido SysLogFacility LOCAL6

First you have to ensure that nothing else is set up to use the LOCAL6 facility.

Then the local6 facility must be excluded from the syslog.log logging by adding local6.none to the syslog.log line in the syslog.conf file. Otherwise you end up with dual logging in both the syslog.log and the /var/log/sftp file.

The /var/log/sftp file is not an HP-UX standard. There is nothing wrong with using it but it would be more appropriate to use /var/adm/syslog/sshd.log
Nido
Trusted Contributor

Re: sftp logs to be rerouted

@TTr, I agree and thanks!!
" Let Villagers Be Happy!! "
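
A check for the setup discussed in this thread, as an added example that is not part of any poster's reply: given an sshd_config and a syslog.conf, it lists every file the sshd facility is written to and flags the dual logging TTr describes. The function name and the sample files are constructed for illustration, and the selector matching is simplified (priority levels other than none are ignored).

```shell
#!/bin/sh
# Added example: audit where sshd's syslog facility ends up.
# audit_sshd_logging <sshd_config> <syslog.conf>
# Prints the facility and each destination; returns non-zero on a finding.
audit_sshd_logging() {
    # First uncommented SyslogFacility line; the thread notes the default is AUTH.
    fac=$(awk 'tolower($1) == "syslogfacility" { print tolower($2); exit }' "$1")
    [ -n "$fac" ] || fac=auth
    echo "facility=$fac"
    awk -v fac="$fac" '
        /^[ \t]*#/ || NF < 2 { next }            # skip comments and blank lines
        {
            hit = 0; none = 0
            n = split(tolower($1), sel, ";")     # selectors: fac[,fac].level;...
            for (i = 1; i <= n; i++) {
                split(sel[i], p, "[.]")          # p[1]=facility list, p[2]=level
                m = split(p[1], f, ",")
                for (j = 1; j <= m; j++)
                    if (f[j] == fac || f[j] == "*") {
                        if (p[2] == "none") none = 1; else hit = 1
                    }
            }
            if (hit && !none) { dests++; print "dest=" $2 }
        }
        END {
            if (dests == 0)
                print "FINDING: " fac " messages are not written anywhere"
            if (dests > 1)
                print "FINDING: " fac " is logged to " dests \
                      " destinations (add " fac ".none to the shared line)"
            exit (dests == 1 ? 0 : 1)
        }' "$2"
}

# Constructed sample files; the paths in them are the ones named in the thread.
demo() {
    d=$(mktemp -d)
    printf 'SyslogFacility LOCAL6\n' > "$d/sshd_config"
    printf '*.info;mail.none\t/var/adm/syslog/syslog.log\nlocal6.notice\t/var/log/sftp\n' > "$d/before.conf"
    printf '*.info;mail.none;local6.none\t/var/adm/syslog/syslog.log\nlocal6.notice\t/var/log/sftp\n' > "$d/after.conf"
    echo "== dedicated line only"
    audit_sshd_logging "$d/sshd_config" "$d/before.conf" || echo "-> needs fixing"
    echo "== with local6.none on the syslog.log line"
    audit_sshd_logging "$d/sshd_config" "$d/after.conf" || echo "-> needs fixing"
    rm -rf "$d"
}
demo
```

The check only reads the two configuration files; whether another program already writes to the chosen facility still has to be confirmed on the host itself.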