HPE Community
Operating System - HP-UX
1819915 Members
2282 Online
109607 Solutions
New Discussion юеВ

syslog.conf

 
SOLVED
Go to solution
St├йphane Gauthier
Advisor

тАО02-09-2010 06:36 AM

тАО02-09-2010 06:36 AM

syslog.conf

Hello,

Ou security guy wants to log all sessions (telnet, ftp, ssh) on our HP-UX server using a syslog server. I am trying to send the info using the HP-UX syslog but it does not seem to be working using *.auth. Any advice? Here is the syslog.conf config. Yes they are some TAB between the first and second column...just can't see here ;o)

# @(#)B.11.31_LR
#
# syslogd configuration file.
#
# See syslogd(1M) for information about the format of this file.
#
mail.debug /var/adm/syslog/mail.log
*.info;mail.none;local1.none /var/adm/syslog/syslog.log
*.info;mail.none;local1.none @10.1.0.100
*.alert /dev/console
*.alert root
*.emerg *
*.auth @10.1.0.100
#
0 Kudos
Reply
4 REPLIES 4
Robert-Jan Goossens
Honored Contributor

тАО02-09-2010 07:15 AM

тАО02-09-2010 07:15 AM

Solution

Re: syslog.conf

Hi St├Г┬йphane,

I believe it should be auth.info, the syslog daemon is very picky.

try this.

auth.info @10.1.0.100
auth.info /var/adm/syslog/auth.log

Kill and start the syslogd.

Regards,
Robert-Jan
Reply
St├йphane Gauthier
Advisor

тАО02-09-2010 09:39 AM

тАО02-09-2010 09:39 AM

Re: syslog.conf

Tks. I have try and auth.info does it only with ftp connexion and do not catch the telnet or ssh one.
0 Kudos
Reply
WayneHP
Frequent Advisor

тАО02-09-2010 06:17 PM

тАО02-09-2010 06:17 PM

Re: syslog.conf

This should be useful.

http://forums11.itrc.hp.com/service/forums/questionanswer.do?threadId=267234
0 Kudos
Reply
Don Mallory
Trusted Contributor

тАО03-01-2010 08:33 AM

тАО03-01-2010 08:33 AM

Re: syslog.conf

You don't have to kill and restart the syslog daemon, just do a ps -ef | grep syslog, find the PID and run "kill -HUP 1234" where 1234 is the PID of syslogd.

Syslog only requires you to tell it to "hang up" and re-read the config. Otherwise, you will miss any messages that occur during the restart.

0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.