Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: problem during Recording Failed Login
Operating Systems Solaris problem during Recording Failed Login Post 302337918 by incredible on Sunday 26th of July 2009 09:55:42 AM
Old 07-26-2009
in /etc/syslog.conf, do this:-
uncomment the following lines.
*.err;kern.notice;auth.notice /dev/sysmsg
# if a non-loghost machine chooses to have authentication messages
auth.notice ifdef(`LOGHOST', /var/log/authlog, @loghost)
 

10 More Discussions You Might Find Interesting

1. AIX

failed login time limit

Hello, we had a situation where an account was locked out due to too many failed login attempts. From the logs (failedlogin, etc) it appears that AIX 'remembered' the failed login attempts from the past month or so. does anyone know where this is set, or how long it will remember the number of... (2 Replies)
Discussion started by: zuessh
2 Replies

2. Solaris

Last Failed Login

Hi, Would appreciate it if someone could shed me some light here as I'm yet to find any related information in this forum with regards to my problem. Basically, I would like to display "Last Unsuccessful login" information when a user successfully logs-in to the system. I can't seem to find... (2 Replies)
Discussion started by: gilberteu
2 Replies

3. UNIX for Advanced & Expert Users

failed ssh login with keys

Hi all, i have generated a pair of keys so that i can login via SSH without entering my password. I am using putty to login. After putting the public key on the server,then logging through putty, i get the message "Server refused our key" on screen. At the same time, /var/log/secure is... (3 Replies)
Discussion started by: new2ss
3 Replies

4. Solaris

FTP login failed.

Hi guys, Can you please help me. I have SUN V100 server running solaris 8. I also have a Redhat Linux 6.2 machine and a windows XP machine on the network. I'm trying to copy files from the Linux and XP machines to the V100 server. When I try to ftp to the solaris machine, I'm challenged... (2 Replies)
Discussion started by: Stin
2 Replies

5. Windows & DOS: Issues & Discussions

Application failed when remote login

I have an application (EXE file) in a Windows 2003 server. Through a DOS batch script, I called that application file using UNC path and working fine when locally login. But got failed when I tried the same batch script on remote login. The login id has been provided all the below rights: - Log on... (0 Replies)
Discussion started by: r_sethu
0 Replies

6. Solaris

Solaris 2.6 failed login logging

Holla! Sorry to spam the board with all my Solaris 2.6 questions (I just found this forum). My most recent problem is that not ALL failed log-ins are getting logged in /var/log/authlog. It seems to work fine for the "su" command from a non-root user, but the actual "login" command or a desktop... (4 Replies)
Discussion started by: rrossorr
4 Replies

7. Solaris

Console Login Failed..

Dear Unix Team, This is sudhansu once again. I need some tips on below issue. Sometimes we got calls from customer that their console got hangged means they are not able to access the server through console ip. in that case "resetsc -y" will resolve the issue. 2. But couple of days... (2 Replies)
Discussion started by: sudhansu
2 Replies

8. AIX

Clear failed login count

What's actually the difference between these two command: 1) chsec -f /etc/security/lastlog -a "unsuccessful_login_count=0" -s username 2) chuser unsuccessful_login_count=0 username Are there any impact on executing either one of those command to clear/reset the failed login count in AIX?... (2 Replies)
Discussion started by: ph4nt0m227
2 Replies

9. Red Hat

Login failed in Redhat Enterprise 6.2

When i finished installation the Redhat Enterprise Linux 6.2, and login to the system, I can't login although username: root and Password correct. I install on the Hp Blade Server. I don't know why. How to fix this error? who can help me? :confused: Thanks! (3 Replies)
Discussion started by: dinhdangnd
3 Replies

10. Solaris

Dynamically ban ip after failed login

Hello, I need some help with network/firewall settings in Solaris 11.3. What I want to achieve is that if someone tries to log in to my server and fails I want that IP to be banned for some time. So if a computer/user tries to login to my ssh-server on a specified port (normally 22) and... (2 Replies)
Discussion started by: Zorken
2 Replies

LEARN ABOUT XFREE86

syslog.conf

SYSLOG.CONF(5)						      BSD File Formats Manual						    SYSLOG.CONF(5)

NAME

     syslog.conf -- configuration file for syslogd(8)

DESCRIPTION

     The syslog.conf file is the configuration file for the syslogd(8) program.  It consists of lines with two fields: the selector field which
     specifies the types of messages and priorities to which the line applies, and an action field which specifies the action to be taken if a
     message syslogd receives matches the selection criteria.  The selector field is separated from the action field by one or more tab or space
     characters. A rule can be splitted in several lines if all lines except the last are terminated with a backslash (``'').

     The Selectors function are encoded as a facility, a period (``.''), and a level, with no intervening white-space.	Both the facility and the
     level are case insensitive.

     The facility describes the part of the system generating the message, and is one of the following keywords: auth, authpriv, cron, daemon,
     kern, lpr, mail, mark, news, syslog, user, uucp and local0 through local7.  These keywords (with the exception of mark) correspond to the
     similar ``LOG_'' values specified to the openlog(3) and syslog(3) library routines.

     The level describes the severity of the message, and is a keyword from the following ordered list (higher to lower): emerg, alert, crit, err,
     warning, notice and debug.  These keywords correspond to the similar (LOG_) values specified to the syslog library routine.

     See syslog(3) for a further descriptions of both the facility and level keywords and their significance.

     If a received message matches the specified facility and is of the specified level (or a higher level), the action specified in the action
     field will be taken.

     Multiple selectors may be specified for a single action by separating them with semicolon (``;'') characters.  It is important to note, how-
     ever, that each selector can modify the ones preceding it.

     Multiple facilities may be specified for a single level by separating them with comma (``,'') characters.

     An asterisk (``*'') can be used to specify all facilities or all levels.

     By default, a level applies to all messages with the same or higher level.  The equal (``='') character can be prepended to a level to
     restrict this line of the configuration file to messages with the very same level.

     An exclamation mark (``!'') prepended to a level or the asterisk means that this line of the configuration file does not apply to the speci-
     fied level (and higher ones). In conjunction with the equal sign, you can exclude single levels as well.

     The special facility ``mark'' receives a message at priority ``info'' every 20 minutes (see syslogd(8)).  This is not enabled by a facility
     field containing an asterisk.

     The special level ``none'' disables a particular facility.

     The action field of each line specifies the action to be taken when the selector field selects a message.	There are five forms:

     o	 A pathname (beginning with a leading slash).  Selected messages are appended to the file.

	 You may prepend a minus (``-'') to the path to omit syncing the file after each message log. This can cause data loss at system crashes,
	 but increases performance for programs which use logging extensively.

     o	 A named pipe (fifo), beginning with a vertical bar (``|'') followed by a pathname. The pipe must be created with mkfifo(8) before syslogd
	 reads its configuration file.	This feature is especially useful fo debugging.

     o	 A hostname (preceded by an at (``@'') sign).  Selected messages are forwarded to the syslogd program on the named host.

     o	 A comma separated list of users.  Selected messages are written to those users if they are logged in.

     o	 An asterisk.  Selected messages are written to all logged-in users.

     Blank lines and lines whose first non-blank character is a hash (``#'') character are ignored.

EXAMPLES

     A configuration file might appear as follows:

     # Log all kernel messages, authentication messages of
     # level notice or higher and anything of level err or
     # higher to the console.
     # Don't log private authentication messages!
     *.err;kern.*;auth.notice;authpriv.none  /dev/console

     # Log anything (except mail) of level info or higher.
     # Don't log private authentication messages!
     *.info;mail.none;authpriv.none	     /var/log/messages

     # The authpriv file has restricted access.
     authpriv.* 					     /var/log/secure

     # Log all the mail messages in one place.
     mail.*						     /var/log/maillog

     # Everybody gets emergency messages, plus log them on another
     # machine.
     *.emerg						     *
     *.emerg						     @arpa.berkeley.edu

     # Root and Eric get alert and higher messages.
     *.alert						     root,eric

     # Save mail and news errors of level err and higher in a
     # special file.
     uucp,news.crit					     /var/log/spoolerr

FILES

     /etc/syslog.conf  The syslogd(8) configuration file.

BUGS

     The effects of multiple selectors are sometimes not intuitive.  For example ``mail.crit,*.err'' will select ``mail'' facility messages at the
     level of ``err'' or higher, not at the level of ``crit'' or higher.

SEE ALSO

     syslog(3), syslogd(8)

4.4BSD								   June 9, 1993 							    4.4BSD
All times are GMT -4. The time now is 11:45 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy