sshd configuration

Pankaj · August 26, 2015, 9:03am

Hi all,

I am using sles11 sp1. I want to configure sshd to log messages in different file other than /var/log/messages.
how can I achive this?

Pankaj · August 26, 2015, 11:49am

Hi All,

It’s done using filter in /etc/rsyslog.conf file as

Redirect sshd related messages

if ($programname == ‘sshd’ or $msg contains ‘publickey’) then \
#if ($msg contains ‘publickey’) then \
-/var/log/sshd/sshd.log;
& ~

maikcat · August 26, 2015, 1:18pm

which syslog do you use? rsyslog or syslog-ng?

Michael.

smflood · August 26, 2015, 4:12pm

On 26/08/2015 11:24, maikcat wrote:
[color=blue]

which syslog do you use? rsyslog or syslog-ng?[/color]

Given jaipankaj reported back that they edited /etc/rsyslog.conf I’m
guessing they’re using rsyslog. For syslog-ng on SLES11 SPx the file to
edit is /etc/syslog-ng/syslog-ng.conf which has a different format.

HTH.

Simon
SUSE Knowledge Partner

If you find this post helpful and are logged into the web interface,
please show your appreciation and click on the star below. Thanks.

maikcat · August 27, 2015, 11:27am

didnt notice that the op simply updated the thread with a solution,

my bad sorry

Michael.

Topic		Replies	Views
Syslog-ng SLES Configure-Administer	1	364	August 31, 2012
Sending logs to a remote syslog server. SLES Configure-Administer	6	1221	June 7, 2017
Logging question SLES Configure-Administer	2	220	August 17, 2017
How to send logs to Splunk server SLES Configure-Administer	2	340	August 24, 2017
Setting up sending Linux logs to central Syslog server SLES Configure-Administer	3	516	September 1, 2015

sshd configuration

Redirect sshd related messages

HTH.

If you find this post helpful and are logged into the web interface, please show your appreciation and click on the star below. Thanks.

Related topics

If you find this post helpful and are logged into the web interface,
please show your appreciation and click on the star below. Thanks.