HPE Community
Operating System - Linux
1752273 Members
5179 Online
108786 Solutions
New Discussion юеВ

Authentication logging problem in Linux server.

 
Kanagaraj
Regular Advisor

тАО03-29-2009 11:33 AM

тАО03-29-2009 11:33 AM

Authentication logging problem in Linux server.

Dear All,

our linux server have intalled OS Redhat E5 Linux,I want to capture auth.info and auth.notice logs in /var/log/authlog file.

I have made entires in /etc/syslog.conf file.

The entries are given below.

auth.info /var/log/authlog
auth.info /var/log/authlog


one information..
authlog file already created.
-rw------- 1 root root 0 Mar 27 18:44 /var/log/authlog

I have restarted syslog demon
service restart syslog

if any one faced same problem and resolved then Please share with me........
0 Kudos
4 REPLIES 4
Kanagaraj
Regular Advisor

тАО03-29-2009 11:37 AM

тАО03-29-2009 11:37 AM

Re: Authentication logging problem in Linux server.

Sorry------

In previous thread,I have mentioned only configuration of auth logs entires.

My problem is that authentication logs are not capturing in /var/adm/authlog file.
0 Kudos
Matti_Kurkela
Honored Contributor

тАО03-30-2009 09:03 AM

тАО03-30-2009 09:03 AM

Re: Authentication logging problem in Linux server.

Perhaps you've made the same mistake as many others when editing the syslog.conf file for the first time.

Between "auth.info" and "/var/log/authlog" parts, there *must* be at least one TAB character, not a space character.

Also, the specification

auth.info/var/log/authlog

captures all "auth" category messages of severity "info" _and above_.

To get _only_ messages of severity "info" or "notice", you must do something like this:

auth.info,auth.!warn/var/log/authlog

This selects authentication messages of severity "info" and above, then _de-selects_ messages of severity "warn" and above, leaving only "info" and "notice".

An alternative way to specify it would be:
auth.=info,auth.=notice/var/log/authlog

The equal sign means "only this severity level exactly".

MK
MK
0 Kudos
Kanagaraj
Regular Advisor

тАО03-31-2009 10:24 AM

тАО03-31-2009 10:24 AM

Re: Authentication logging problem in Linux server.

Thanks MK,Problem solved.

0 Kudos
Kanagaraj
Regular Advisor

тАО03-31-2009 10:25 AM

тАО03-31-2009 10:25 AM

Re: Authentication logging problem in Linux server.

I am closing this thread
0 Kudos
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.