HPE Community
Operating System - HP-UX
1833294 Members
3038 Online
110051 Solutions
New Discussion

Re: how to configure syslogd do log all users connexions

 
GNOM
Frequent Advisor

‎01-23-2006 08:38 PM

‎01-23-2006 08:38 PM

how to configure syslogd do log all users connexions

hi,

I want to configure syslogd so that, all users connexions (succefful or failed) be logged to the syslog file. Could someone help me ?

thanks
0 Kudos
Reply
7 REPLIES 7
Peter Godron
Honored Contributor

‎01-23-2006 08:53 PM

‎01-23-2006 08:53 PM

Re: how to configure syslogd do log all users connexions

Hi,
something along the lines:
auth.debug /var/adm/syslog/syslog.log
in the /etc/syslog.conf will probably start you off. Perhaps does not give you all the details you may want.
0 Kudos
Reply
Arunvijai_4
Honored Contributor

‎01-23-2006 08:58 PM

‎01-23-2006 08:58 PM

Re: how to configure syslogd do log all users connexions

Hello,

You need to edit /etc/syslog.conf file as

*.info;mail.none /var/adm/syslog/syslog.log
*.alert /dev/console
*.alert root,eric,kridle
*.emerg *

-Arun
"A ship in the harbor is safe, but that is not what ships are built for"
0 Kudos
Reply
Cem Tugrul
Esteemed Contributor

‎01-23-2006 09:03 PM

‎01-23-2006 09:03 PM

Re: how to configure syslogd do log all users connexions

Hi Gnom,

As others mentioned /etc/syslog.conf file what you need

Good Luck,
Our greatest duty in this life is to help others. And please, if you can't
0 Kudos
Reply
simon_164
Super Advisor

‎01-23-2006 09:03 PM

‎01-23-2006 09:03 PM

Re: how to configure syslogd do log all users connexions

here's how:
-- vi /etc/syslog.conf
add a line at the start of the file:
user.debug /var/adm/syslog/user.log

in this way you will change the log file from syslog.log to user.log since you will be getting much more user logs.
0 Kudos
Reply
Muthukumar_5
Honored Contributor

‎01-23-2006 09:06 PM

‎01-23-2006 09:06 PM

Re: how to configure syslogd do log all users connexions

By default,

It can be monitored as,

last -> successfull login
lastb -> bad login

It will use /var/adm/wtmp and /var/adm/btmp files.

To log informations in syslog.log then,

edit /etc/syslog.conf file as,

auth.*/var/adm/syslog/syslog.log

Restart syslogd (aemon) as,

# /sbin/init.d/syslogd stop
# /sbin/init.d/syslogd start

--
Muthu
Easy to suggest when don't know about the problem!
0 Kudos
Reply
simon_164
Super Advisor

‎01-23-2006 09:07 PM

‎01-23-2006 09:07 PM

Re: how to configure syslogd do log all users connexions

you can also change the "" user.debug "" to be "" user.info "" or "" user.emerg ""
0 Kudos
Reply
Muthukumar_5
Honored Contributor

‎01-23-2006 09:08 PM

‎01-23-2006 09:08 PM

Re: how to configure syslogd do log all users connexions

I hope auth.info is enough to handle all login, su and tty based informatiosns into syslog.log file.


auth.info /var/adm/syslog/auth.log

Put this in syslog.conf and restart syslogd.

--
Muthu
Easy to suggest when don't know about the problem!
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.