Re: adminlog

• Previous message: Darren J Moffat: "Re: adminlog"
• In reply to: Ali Ernalbant: "adminlog"
• Next in thread: Grzegorz Czaplinski: "Re: adminlog"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Fri, 17 Jan 2003 16:02:24 -0500
From: Joe Kattner <joe@zosan.com>
To: "Ali Ernalbant" <ernalbant@uekae.uekae.tubitak.gov.tr>

Ali,

Did you add an appropriate entry to /etc/syslog.conf and restart the
syslog service?

auth.debug /var/adm/loglog

Add it to the bottom of your /etc/syslog.conf, touch the
file in /var/adm, restart syslogd.

If you only want failed logins in this separate file, use auth.crit
instead of auth.debug. Also keep in mind that * is not a wildcard for
severity, it represents all facilities (except mark).

You probably have a *.debug pointed to /var/adm/messages already which
will catch everything, make sure not to alter that. You always want to
log all system events especially access attempts..

Hello,

I created `/var/adm/loginlog` as root to capture failed logins with
permission 600. (Solaris 9)
I changed group owner to `sys`. However when I try to make failed login
attempts, I can not get any log
into `/var/adm/loginlog`.
Can anyone help me about this?

Thanks in advance,
Ali

• Next message: Grzegorz Czaplinski: "Re: adminlog"
• Previous message: Darren J Moffat: "Re: adminlog"
• In reply to: Ali Ernalbant: "adminlog"
• Next in thread: Grzegorz Czaplinski: "Re: adminlog"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]