From: Joe Kattner (firstname.lastname@example.org)
- Previous message: Darren J Moffat: "Re: adminlog"
- In reply to: Ali Ernalbant: "adminlog"
- Next in thread: Grzegorz Czaplinski: "Re: adminlog"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Fri, 17 Jan 2003 16:02:24 -0500 From: Joe Kattner <email@example.com> To: "Ali Ernalbant" <firstname.lastname@example.org>
Did you add an appropriate entry to /etc/syslog.conf and restart the
Add it to the bottom of your /etc/syslog.conf, touch the
file in /var/adm, restart syslogd.
If you only want failed logins in this separate file, use auth.crit
instead of auth.debug. Also keep in mind that * is not a wildcard for
severity, it represents all facilities (except mark).
You probably have a *.debug pointed to /var/adm/messages already which
will catch everything, make sure not to alter that. You always want to
log all system events especially access attempts..
I created `/var/adm/loginlog` as root to capture failed logins with
permission 600. (Solaris 9)
I changed group owner to `sys`. However when I try to make failed login
attempts, I can not get any log
Can anyone help me about this?
Thanks in advance,