HPE Community
Operating System - HP-UX
1832965 Members
2517 Online
110048 Solutions
New Discussion

Re: FTP Logging

 
Anthony Alvarez_1
Occasional Contributor

‎02-27-2003 02:41 PM

‎02-27-2003 02:41 PM

FTP Logging

I know this has to be really basic, and apologies for the question, but I couldn't find it elsewhere in the forum, so apologies if this is a FAQ.

Could you kindly share your experience with me?

How can FTP be configured to create a access and error log file? We need to find out who has been using FTP and when.

We are using HPUX v10.20's built in FTP.
Any clues, suggestions, tips or advise are greatly appreciated. Please advise.

I look forward to hearing from you. Thanks in advance.
0 Kudos
Reply
6 REPLIES 6
Paul Sperry
Honored Contributor

‎02-27-2003 02:47 PM

‎02-27-2003 02:47 PM

Re: FTP Logging

By default all ftp logging is done in /var/adm/syslog/syslog.log
0 Kudos
Reply
Steven E. Protter
Exalted Contributor

‎02-27-2003 02:54 PM

‎02-27-2003 02:54 PM

Re: FTP Logging

ftp logging is for inbound, not inbound.

HP-UX uses Washington University's free ftp server


For enhanced logging

vi /etc/inetd.conf

the line that says ftpd add a -l (dash letter lower case L)


save the file

inetd -c

enhanced logging is in place.

SEP
Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
0 Kudos
Reply
Ian Kidd_1
Trusted Contributor

‎02-27-2003 02:55 PM

‎02-27-2003 02:55 PM

Re: FTP Logging

some of the more advanced logging options for the ftpd is found only on 11.00 and higher. with that version you can set it up so that there is an addional log file for ftp.

But I don't believe those options exist on 10.20. All you have is the -v option:

(1) modify /etc/inetd.conf to use the -v option:
ftp stream tcp nowait root /usr/lbin/ftpd ftpd -lv

(2) recycle the internet services daemon:
/usr/sbin/inetd -c

you should then get more info put into your syslog


If at first you don't succeed, go to the ITRC
0 Kudos
Reply
Greg Geyer
Frequent Advisor

‎02-27-2003 02:56 PM

‎02-27-2003 02:56 PM

Re: FTP Logging

check the man page for ftpaccess. There is some logging to the /var/adm/syslog/syslog.log by default, but for indepth logging (which will go to /var/adm/syslog/xfer.log) use the log transfers and log commands line items in the config file.
0 Kudos
Reply
Ian Kidd_1
Trusted Contributor

‎02-27-2003 03:11 PM

‎02-27-2003 03:11 PM

Re: FTP Logging

I posted a few minutes ago about the -v option for the ftpd daemon. Here's some actual data that I pulled from a 10.20 system:

This is the output of ftpd -lv:
Feb 24 20:14:20 sarena01 ftpd[17081]: FTP LOGIN FROM sarena01, ikidd
Feb 24 20:14:22 sarena01 ftpd[17081]: PORT
Feb 24 20:14:31 sarena01 ftpd[17081]: PORT
Feb 24 20:14:31 sarena01 ftpd[17081]: FTP: retrieve slck
Feb 24 20:14:32 sarena01 ftpd[17081]: User ikidd logged out

It shows login/logout times as well as the fact that I retrieved (get) the file slck.
If at first you don't succeed, go to the ITRC
0 Kudos
Reply
T G Manikandan
Honored Contributor

‎02-27-2003 07:48 PM

‎02-27-2003 07:48 PM

Re: FTP Logging

Make sure that you add -l in the /etc/inetd.conf file
like
ftp stream tcp nowait root /usr/lbin/ftpd ftpd -l

ALso make sure that you have /etc/syslog.conf

local5.debug /var/adm/syslog/syslog.log

if you do not have then add it and then do a
kill -HUP `cat /var/run/syslog.pid`

to re-read the syslog.conf file
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.