- Community Home
- >
- Servers and Operating Systems
- >
- Operating Systems
- >
- Operating System - HP-UX
- >
- how to filter sshd in syslog.log to other file
Operating System - HP-UX
1767188
Members
5765
Online
108959
Solutions
Forums
Categories
Company
Local Language
юдл
back
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Forums
Discussions
юдл
back
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Blogs
Information
Community
Resources
Community Language
Language
Forums
Blogs
Go to solution
Topic Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО11-21-2003 01:38 AM
тАО11-21-2003 01:38 AM
I have a lot of messages like this in my /var/adm/syslog/syslog.log:
Nov 21 09:14:24 hostname sshd[13687]: Accepted password for oracle from 10.0.0.1 port 2831 ssh2
Nov 21 09:15:26 rubis sshd[14241]: Could not reverse map address 10.0.0.1.
How can I configure my /etc/syslog.conf in order to redirect these sshd messages to other file like /var/adm/syslog/sshd.log.
Right now I have configured ftpd and mail messages to other files.
Nov 21 09:14:24 hostname sshd[13687]: Accepted password for oracle from 10.0.0.1 port 2831 ssh2
Nov 21 09:15:26 rubis sshd[14241]: Could not reverse map address 10.0.0.1.
How can I configure my /etc/syslog.conf in order to redirect these sshd messages to other file like /var/adm/syslog/sshd.log.
Right now I have configured ftpd and mail messages to other files.
Solved! Go to Solution.
4 REPLIES 4
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО11-21-2003 01:43 AM
тАО11-21-2003 01:43 AM
Re: how to filter sshd in syslog.log to other file
Threads that may help"
http://forums1.itrc.hp.com/service/forums/questionanswer.do?threadId=150919
This doc for sure:
http://docs.hp.com/cgi-bin/fsearch/framedisplay?top=/hpux/onlinedocs/B2355-90685/B2355-90685_top.html&con=/hpux/onlinedocs/B2355-90685/00/00/11-con.html&toc=/hpux/onlinedocs/B2355-90685/00/00/11-toc.html&searchterms=configuration%7csyslog.conf&queryid=20031121-074202
SEP
http://forums1.itrc.hp.com/service/forums/questionanswer.do?threadId=150919
This doc for sure:
http://docs.hp.com/cgi-bin/fsearch/framedisplay?top=/hpux/onlinedocs/B2355-90685/B2355-90685_top.html&con=/hpux/onlinedocs/B2355-90685/00/00/11-con.html&toc=/hpux/onlinedocs/B2355-90685/00/00/11-toc.html&searchterms=configuration%7csyslog.conf&queryid=20031121-074202
SEP
Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО11-21-2003 01:44 AM
тАО11-21-2003 01:44 AM
Re: how to filter sshd in syslog.log to other file
Hi
How about:-
Cat syslog.log | grep sshd > sshd.log
Pqaula
How about:-
Cat syslog.log | grep sshd > sshd.log
Pqaula
If you can spell SysAdmin then you is one - anon
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО11-21-2003 01:49 AM
тАО11-21-2003 01:49 AM
Solution
Change sshd's syslog facility in /etc/opt/ssh/sshd_config.
Then edit /etc/syslog.conf to log that facility to a different file.
eg:
local1.debug /var/adm/syslog/sshd.log
Make sure you add 'local1.none' to other rules or you still get sshd entries in the system log files.
Restart sshd and syslogd.
HTH.
Then edit /etc/syslog.conf to log that facility to a different file.
eg:
local1.debug /var/adm/syslog/sshd.log
Make sure you add 'local1.none' to other rules or you still get sshd entries in the system log files.
Restart sshd and syslogd.
HTH.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО11-21-2003 01:55 AM
тАО11-21-2003 01:55 AM
Re: how to filter sshd in syslog.log to other file
Change these lines in /etc/opt/ssh/sshd_config
SyslogFacility AUTH
LogLevel INFO
Then restart sshd.
Then add this line to /etc/syslog.conf
auth.info;mail.none /var/adm/syslog/sshd.log
Then restart syslogd and youre done!
SyslogFacility AUTH
LogLevel INFO
Then restart sshd.
Then add this line to /etc/syslog.conf
auth.info;mail.none /var/adm/syslog/sshd.log
Then restart syslogd and youre done!
Im from Palmerston North, New Zealand, but somehow ended up in London...
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.
News and Events
Support
© Copyright 2024 Hewlett Packard Enterprise Development LP