Angelina Carlton wrote:
On Thu, Mar 31, 2005 at 06:32:37PM +0200, Michelle Konzack wrote:Be happy... Today I have gotten more then 3000 of this... 18 MByte of "/var/log/sshd.log".Hi Michelle, can you descibe to me how to make all sshd activity log to /var/log/sshd.log ? My woody server logs it auth.log which is fine I suppose but I woul much rather have sshd.log my sshd_config has: # Logging SyslogFacility AUTH LogLevel INFO I would imagine that needs changing to something, but syslog would need to be changed also? and what about logrotate?
Change AUTH to LOCAL0 and then modify /etc/syslog.conf to log the LOCAL0 facility to /var/log/sshd.log Don't forget setup a log rotation for it (I am not sure if syslog handles this automatically). -Roberto -- Roberto C. Sanchez http://familiasanchez.net/~sanchezr
Attachment:
signature.asc
Description: OpenPGP digital signature