Login or Register to Ask a Question and Join Our Community


Solaris

logging incoming connections on solaris 10

Login to Discuss or Reply to this Discussion in Our Community

 
Thread Tools Search this Thread
Operating Systems Solaris logging incoming connections on solaris 10
# 1  
Old 01-22-2010
logging incoming connections on solaris 10
i've been able to log incoming telnet and ssh connections on solaris 9 using the following lines in /etc/syslog.conf

Code:
# Telnet connections are logged to auth.notice
auth.notice                                     /var/adm/authlog
# An entry in /etc/profile logs all telnet connections
local1.notice                                   /var/adm/authlog
# SSH connections are logged to auth.info
auth.info                                       /var/adm/sshauthlog

i've tried the same thing on solaris 10, but i get the following errors in /var/adm/messages:

Code:
Jan 22 03:10:02 sundb01 syslogd: line 24: unknown priority name "notice                                     /var/adm/authlog"
Jan 22 03:10:02 sundb01 syslogd: line 26: unknown priority name "notice                                   /var/adm/authlog"
Jan 22 03:10:02 sundb01 syslogd: line 28: unknown priority name "info                                       /var/adm/sshauthlog"

has anyone tried to log incoming telnet & ssh connections on solaris 10?
# 2  
Old 01-22-2010
What if you used <service>.* ?
eg auth.* & local1.*
# 3  
Old 01-22-2010
I've spotted my problem. I had spaces between auth.notice and /var/adm/authlog in the /etc/syslog.conf file, it should be separated by tabs. I've replaced the spaces with tabs and restarted the system-log service and it's logging now.
Login or Register to Ask a Question

Previous Thread | Next Thread

9 More Discussions You Might Find Interesting

1. IP Networking

All incoming connections ips LOG

How to make a log that will log all ips that connect to the server or send packets? And how to block an ip that make packets flood and try to DDoS? Thanks. (1 Reply)
Discussion started by: [xEF]Danger
1 Replies

2. Solaris

Carrier Detection in Solaris 8 for Dial in and Null Modem Connections

I am having troubles with carrier detection for dialing in via a modem or direct connection via a null modem connection under Solaris 8 (i.e. login session remains active after the modem disconnects). I tried two different dumb modems (which do not respond to AT commands) on the machine that I am... (6 Replies)
Discussion started by: rstor
6 Replies

3. UNIX for Advanced & Expert Users

Not logging ftp connections in /var/adm/wtmpx file (in last command output)

Hi all, I have F5 load balancer on my system and checking service status by opening an ftp session in every 30 seconds. These ftp sessions are being logged in /var/adm/wtmpx and filling up the file. when i run the last command most of the output is this ftp session. I was wondering if there is a... (1 Reply)
Discussion started by: cepxat
1 Replies

4. Solaris

Solaris 10 Not Logging Anything

Hello, It would appear that my server is no longer logging anything. Last time anything was written to /var/adm/messages and /var/log/syslog was Aug 26 2010. I was told there was a storm and the power went out or something around that time, but there were never any problems. I've tried... (11 Replies)
Discussion started by: gadonj18
11 Replies

5. Solaris

Logging Connections in Solaris

Hi All, Is there a built in function/tool in Solaris that enables creation of a history file on any connection (via telnet, ssh, rsh or nfs) to Solaris machine? I would like to create a script that records IP Address, date and timestamp, and command excuted for any connection to a Solaris... (2 Replies)
Discussion started by: racbern
2 Replies

6. IP Networking

Logging network connections

Hello, I have a centralized syslog server, and am wondering if there is a way to log all network connections to it (Primarily incoming, such as FTP, httpd, SSH, etc). Essentially what I would like is to get the information seen in netstat or lsof logged line by line, realtime. Is there a... (3 Replies)
Discussion started by: abstrcrndm
3 Replies

7. Solaris

Citrix cannot accept any connections in solaris 9

We have installed Citrix server in Solaris 9 (Sparc Ultra45), we are able to connect from windows workstations to Citrix Server. But today Suddenly we got the error Citrix server cannot accept any connections. I am not aware of citrix server, All citrix user Please help me in this regard what... (1 Reply)
Discussion started by: durgaprasadr13
1 Replies

8. Solaris

Default Concurrent Connections on solaris

Hello guys.. Solaris 10 Oracle 10gR2 Every night, we run some 10 batch jobs that access the Oracle Database all at once from another machine X and we are losing some of the batch jobs connections ..SO i started reading the Oracle Docs and this is what it says ... (2 Replies)
Discussion started by: vr76413
2 Replies

9. AIX

loggin incoming ftp connections in syslog

Hello, we recently configured syslog on one of our machines with the following line in /etc/syslog.conf *.info /audit/syslog.log rotate time 1d compress However it does not seem to be logging incoming ftp connections, only outgoing ftp connections? Is there a way to log incoming ftp... (2 Replies)
Discussion started by: zuessh
2 Replies
Login or Register to Ask a Question