Full Discussion: Logging network connections
Special Forums IP Networking Logging network connections Post 302304226 by abstrcrndm on Sunday 5th of April 2009 09:43:49 PM
Old 04-05-2009
Thanks for the reply. I have set up lots of different things to log, just wondering how to log information about connections to the network. Essentially how do I log information such as this as it happens:

sshd 5571 root 4u IPv4 115178105 TCP 1.2.3.4:ssh->5.6.7.8:51185 (ESTABLISHED)

Obviously I am getting information logged from Apache as far as who connects to the webserver, and mail servers are logging IPs of people that connect to that service, but I am looking for a daemon I can run that will essentially give me the info that netstat or lsof will give, which I can then have logged. Basically what I would like is for something like netstat to run and all new entries that would show up when someone connects to any port on the system would generate a log entry. Thanks again!
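Added example, not part of the original post or thread: one way to get the behaviour described above on Linux is to poll /proc/net/tcp (the kernel table behind netstat's TCP output) and emit a log line for each established connection that was absent from the previous poll. The function names, the log line format and the sample snapshots are assumptions made for this sketch; the sample rows are constructed and reuse the addresses from the post's lsof line.

```python
import socket
import struct
import time

ESTABLISHED = "01"  # value of the "st" column for an established TCP socket

# Constructed /proc/net/tcp snapshots (not real captures): a listener on port 22,
# then the same table after the connection from the post's example line appears.
SAMPLE_BEFORE = (
    "  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode\n"
    "   0: 00000000:0016 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 1001\n")
SAMPLE_AFTER = SAMPLE_BEFORE + (
    "   1: 04030201:0016 08070605:C7F1 01 00000000:00000000 02:000A0000 00000000     0        0 115178105\n")

def decode_endpoint(field):
    """'04030201:0016' -> ('1.2.3.4', 22); address printed in host byte order (little-endian assumed)."""
    addr_hex, port_hex = field.split(":")
    return socket.inet_ntoa(struct.pack("<I", int(addr_hex, 16))), int(port_hex, 16)

def parse_snapshot(text):
    """Return the set of established connections as (local, remote, uid, inode)."""
    conns = set()
    for line in text.splitlines():
        cols = line.split()
        # Data rows start with "N:"; this skips the header and short or blank lines.
        if len(cols) < 10 or not cols[0].endswith(":") or cols[3] != ESTABLISHED:
            continue
        conns.add((decode_endpoint(cols[1]), decode_endpoint(cols[2]), int(cols[7]), int(cols[9])))
    return conns

def new_connection_lines(previous, current, now=None):
    """One log line per connection present in `current` but not in `previous`."""
    stamp = time.strftime("%Y-%m-%dT%H:%M:%SZ", time.gmtime(now))
    return [f"{stamp} NEW tcp {la}:{lp}->{ra}:{rp} uid={uid} inode={inode}"
            for (la, lp), (ra, rp), uid, inode in sorted(current - previous)]

def watch(path="/proc/net/tcp", interval=1.0, log=print):
    """Poll the kernel table forever; the first poll is only a baseline."""
    seen = None
    while True:
        with open(path) as fh:
            current = parse_snapshot(fh.read())
        if seen is not None:
            for line in new_connection_lines(seen, current):
                log(line)
        seen = current
        time.sleep(interval)

if __name__ == "__main__":
    # Offline demo on the constructed snapshots; call watch() on a Linux host instead.
    for line in new_connection_lines(parse_snapshot(SAMPLE_BEFORE), parse_snapshot(SAMPLE_AFTER)):
        print(line)
```

Passing `syslog.syslog` as `log` sends the lines to syslog instead of stdout. Polling misses connections that open and close between two polls, and IPv6 sockets live in /proc/net/tcp6, which this sketch does not parse.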
 

WATCHGNUPG(1)							 GNU Privacy Guard						     WATCHGNUPG(1)

NAME
       watchgnupg - Read and print logs from a socket

SYNOPSIS
       watchgnupg [--force] [--verbose] socketname

DESCRIPTION
       Most of the main utilities are able to write their log files to a Unix
       Domain socket if configured that way. watchgnupg is a simple listener
       for such a socket. It ameliorates the output with a time stamp and makes
       sure that long lines are not interspersed with log output from other
       utilities. This tool is not available for Windows.

       watchgnupg is commonly invoked as

              watchgnupg --force ~/.gnupg/S.log

OPTIONS
       watchgnupg understands these options:

       --force
              Delete an already existing socket file.

       --tcp n
              Instead of reading from a local socket, listen for connects on
              TCP port n.

       --verbose
              Enable extra informational output.

       --version
              Print version of the program and exit.

       --help
              Display a brief help page and exit.

EXAMPLES
              $ watchgnupg --force /home/foo/.gnupg/S.log

       This waits for connections on the local socket
       '/home/foo/.gnupg/S.log' and shows all log entries. To make this work
       the option log-file needs to be used with all modules whose logs are to
       be shown. The value for that option must be given with a special prefix
       (e.g. in the conf file):

              log-file socket:///home/foo/.gnupg/S.log

       For debugging purposes it is also possible to do remote logging. Take
       care if you use this feature because the information is sent in the
       clear over the network. Use this syntax in the conf files:

              log-file tcp://192.168.1.1:4711

       You may use any port and not just 4711 as shown above; only IP addresses
       are supported (v4 and v6) and no host names. You need to start
       watchgnupg with the tcp option. Note that under Windows the registry
       entry HKCU\Software\GNU\GnuPG:DefaultLogFile can be used to change the
       default log output from stderr to whatever is given by that entry.
       However the only useful entry is a TCP name for remote debugging.

SEE ALSO
       gpg(1), gpgsm(1), gpg-agent(1), scdaemon(1)

       The full documentation for this tool is maintained as a Texinfo manual.
       If GnuPG and the info program are properly installed at your site, the
       command

              info gnupg

       should give you access to the complete manual including a menu structure
       and an index.

GnuPG 2.0.22                        2014-06-10                      WATCHGNUPG(1)