- Community Home
- >
- Servers and Operating Systems
- >
- Operating Systems
- >
- Operating System - HP-UX
- >
- syslog question
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО10-07-2010 12:52 PM
тАО10-07-2010 12:52 PM
syslog question
I am running HP-UX 11.00, and I reconfigured the /etc/syslog.conf file to copy its contents to a central log server by adding several lines to the existing file. The syntax that I used is shown below:
# Copy the contents of the syslog file to the syslog server.
*.info;mail.none @
*.alert @
*.emerg @
mail.debug @
After I made the changes to the syslog.conf file, I stopped and restarted the service via the /sbin/init.d/syslogd script.
Since that time, there have not been any updates to the /var/adm/syslog/syslog.log file. I am not sure if the fault is with the syntax that I used in the file, or not properly restarting the service.
Can someone provide information on this issue? Thanks.
- Tags:
- syslog
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО10-07-2010 01:00 PM
тАО10-07-2010 01:00 PM
Re: syslog question
*.info;mail.none
...
...
...
If you just hit the space bar for white space, then it won't work.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО10-07-2010 02:17 PM
тАО10-07-2010 02:17 PM
Re: syslog question
Thanks for your reply. I re-entered the lines in question, and restarted the syslog daemon. When I logged in, and then changed to root user, there was a new entry added to the syslog.log file.
As a follow-up question: If I want to have all instances of ssh connections made to the system in question recorded to syslog.log, what syntax would I add to the configuration file? Thanks.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО10-07-2010 06:32 PM
тАО10-07-2010 06:32 PM
Re: syslog question
man sudoers
Also, man sshd shows the -q option to silence all sshd syslog entries.
Bill Hassell, sysadmin
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО10-07-2010 07:08 PM
тАО10-07-2010 07:08 PM
Re: syslog question
'sudoers'???? I think Bill probably meant on of the 'ssh man pages. You should probably investigate the 'sshd' man page as well as the sshd_config and ssh_config man pages.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО10-08-2010 11:48 AM
тАО10-08-2010 11:48 AM
Re: syslog question
Yep. The sudoers man page covers a number of sshd logging options such as:
log_host
log_year
loglinelen
syslog_goodpri
syslog_badpri
logfile
syslog
These are set in the Defaults section of the sudoers file.
Bill Hassell, sysadmin
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО10-08-2010 01:58 PM
тАО10-08-2010 01:58 PM
Re: syslog question
# Logging
#obsoletes QuietMode and FascistLogging
#SyslogFacility AUTH
#LogLevel INFO
Do I need to add an entry that will generate a log file? If so, what would be the correct syntax?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО10-08-2010 02:10 PM
тАО10-08-2010 02:10 PM
Re: syslog question
LogLevel INFO
and then restart the sshd daemon. That should generate entries into the syslog.log file.
Correct?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО10-08-2010 03:05 PM
тАО10-08-2010 03:05 PM
Re: syslog question
Of course sshd_config is the location to control ssh logging. You can control the level (priority) of the logged messages as well as sftp transfers. The -q (if sshd is started with that option) turns off syslog from sshd.
To generate a separate file for sshd entries, there are the SyslogFacility and SftpLogFacility. Change the default (AUTH) to something like LOCAL6 and then modify the syslog.conf file to generate a new log called local6.log for sshd.
Bill Hassell, sysadmin