HomePage
Materiel
Photo Système et réseau Sous Debian Gnu Linux... ... et Ubuntu Gestion de projet ...informatique Cours Divers Private edit SideBar |
Deb /
LogsDeb.Logs HistoryHide minor edits - Show changes to markup February 04, 2009, at 12:24 AM
by
- Changed lines 33-36 from:
auth.*;auth.!=debug /var/log/sshd/auth.log
auth.info -/var/log/sshd/auth-info.log
auth.error -/var/log/sshd/auth-error.log
auth.debug -/var/log/sshd/auth-debug.log
to:
auth.*;auth.!=debug /var/log/sshd/auth.log
auth.info -/var/log/sshd/auth-info.log
auth.err;auth.crit;auth.notice;auth.warn;auth.alert -/var/log/sshd/auth-err.log
auth.debug -/var/log/sshd/auth-debug.log
Changed lines 42-43 from:
touch /var/log/sshd/auth.log && touch /var/log/sshd/auth-info.log && touch /var/log/sshd/auth-error.log && touch /var/log/sshd/auth-error.log
to:
touch /var/log/sshd/auth.log && touch /var/log/sshd/auth-info.log && touch /var/log/sshd/auth-err.log && touch /var/log/sshd/auth-error.log
February 04, 2009, at 12:14 AM
by
- Changed line 27 from:
to:
Added line 29:
Changed lines 33-35 from:
auth.*;auth.!=info /var/log/sshd/auth.log
auth.info /var/log/sshd/auth-info.log
auth.error /var/log/sshd/auth-error.log
to:
auth.*;auth.!=debug /var/log/sshd/auth.log
auth.info -/var/log/sshd/auth-info.log
auth.error -/var/log/sshd/auth-error.log
auth.debug -/var/log/sshd/auth-debug.log
Added lines 39-40:
NB : le caractère - indique au système de ne pas synchroniser les fichiers à chaque accès pour limiter l'usage des ressources de la machine. Le risque étant de perdre des infos en cas d'extinction sauvage de la machine.
Changed lines 42-45 from:
touch /var/log/sshd/auth.log
touch /var/log/sshd/auth-info.log
touch /var/log/sshd/auth-error.log
to:
touch /var/log/sshd/auth.log && touch /var/log/sshd/auth-info.log && touch /var/log/sshd/auth-error.log && touch /var/log/sshd/auth-error.log
February 04, 2009, at 12:09 AM
by
- Added lines 7-8:
Pour plus d'infos :
man syslog.conf
Added line 19:
Added line 23:
Added line 30:
February 04, 2009, at 12:07 AM
by
- Added lines 1-47:
Gestion des logsMéthode classiqueLa configuration globale des logs système est gérée dans /etc/syslog.conf.Exemple pour logger les tentatives de connexions via SSH :Modifier le fichier de config de /etc/ssh/sshd_config# Logging SyslogFacility AUTH # on met le facility à 'AUTH' LogLevel INFO # on place le niveau de logging à 'INFO' (on aurait pu mettre QUIET, DEBUG ou encore ERROR)Pour logger tous les évènements concernant la facility AUTH (comme le service sshd qu'on vient de configurer) : auth.* /var/log/sshd/auth.logNB : il est possible d'affiner le logging en filtrant le loglevel de la facility. Par exemple pour :
auth.*;auth.!=info /var/log/sshd/auth.log auth.info /var/log/sshd/auth-info.log auth.error /var/log/sshd/auth-error.logCréer le(s) fichier(s) de log : touch /var/log/sshd/auth.log
touch /var/log/sshd/auth-info.log
touch /var/log/sshd/auth-error.log
Redémarrer les services :
/etc/init.d/ssh restart
/etc/init.d/syslogd restart
Next generation loggingCette méthode utilise le programme syslog-ng. |