Solaris 8 OS

I believe root access is being logged by my server but I only see it being written to the terminal. I want to know if there is a log file and how to not just log root access but if I can also log the IP address from which it is coming?

Thanks in advance.

hi start with eliminating need for access, if you feel that damage is being done to your server. If you think this is someone or something just being nosy, change root passwd and keep it to your self and senior management.
if yet you want to proceed....
next find out what process or script this root user is accessing....
most system logging takes place in /var/adm...Now prior to proceeding, change your root passwd so that you can definatly log failed entries ..
We want to add two additional log files there, sulog and loginlog. /var/adm/sulog logs all su attempts, both successful and failed. This allows you to monitor who is attempting to gain root access on your system. /var/adm/loginlog logs consecutive failed login attempts.

/etc/inetd.conf will tell you what all the services /etc/bin/inetd daemon listens for, since you only want to track ftp and telnet. Start with eliminating(commenting out) the other services (you or your app may need these services, but for now you can live without them)