[Sunhelp] syslog.conf

David Rouse cn1407 at coastalnet.com
Tue Mar 21 17:37:08 CST 2000


On 3/21/00 at 5:22 PM, moshel at novawiz.com (Moshe Levy) wrote:

>Hi,
>i want to all as much messages i can to /var/adm/message, so what i did
>is to put this line under the /etc/syslog.conf :
>
>*.info    /var/adm/messages
>(and im using TABS)
>
>unfortunatly it still doesnt log any remote login (telnet) to my server.
>
>any idea why is that ?

There is a switch for the ftp daemon that turns on logging, but I don't see
one for telnet. TCP Wrappers will log telnets if you want.

Note -- *.debug is actually the maximum sysloging detail. I normally split
different logging groups into different files though:

user.info    /var/log/user
kern.info    /var/log/kern
mail.debug   /var/log/mail
daemon.debug /var/log/daemon
auth.notice  /var/log/auth
lpr.notice   /var/log/lpr
cron.notice  /var/log/cron

Now you get finer control over the level of logging and the ability to spot
login failures without wading through the last boot messages and email
activiity.  You'll want to have a crontab to manage the log files, as the
exisiting log file handler won't see these.

I don't actually know what you'd get with 'auth.debug,' you might want to
try that.

drouse








More information about the SunHELP mailing list