Hi
I need to register the administrators’ login and logout from my SLES 11
SP1 server. In /var/log/messages I see the login from ssh, but the
logout is missing. Moreover the login-logout with VNC is not logged.
It is possible to activate the login-logout registration with ssh and
VNC?
Thank you
Marco
mvisconti’s Profile: http://forums.novell.com/member.php?userid=97561
View this thread: http://forums.novell.com/showthread.php?t=447223
Hi
The output from the “last” command shows you the login and the logout
time. Is this what you’re searching?
Kind regards,
Tom
amo_vzug’s Profile: http://forums.novell.com/member.php?userid=25342
View this thread: http://forums.novell.com/showthread.php?t=447223
amo_vzug;2148896 Wrote:[color=blue]
Hi
The output from the “last” command shows you the login and the logout
time. Is this what you’re searching?
Kind regards,
Tom[/color]
Thanks for the answer.
I need a way to register the login and logout in a log file using the
syslog-ng. With the default configuration, only the login with ssh is
logged.
Regards
Marco
mvisconti’s Profile: http://forums.novell.com/member.php?userid=97561
View this thread: http://forums.novell.com/showthread.php?t=447223
mvisconti;2148950 Wrote:[color=blue]
Thanks for the answer.
I need a way to register the login and logout in a log file using the
syslog-ng. With the default configuration, only the login with ssh is
logged.Regards
Marco[/color]
This might help but not sure since I have not tried it:
http://www.suse.com/documentation/sled10/pdfdoc/auditqs_sp2/auditqs_sp2.pdf
Thomas
thsundel’s Profile: http://forums.novell.com/member.php?userid=128
View this thread: http://forums.novell.com/showthread.php?t=447223
thsundel;2148967 Wrote:[color=blue]
This might help but not sure since I have not tried it:
http://www.suse.com/documentation/sled10/pdfdoc/auditqs_sp2/auditqs_sp2.pdfThomas[/color]
And here is for SLES11:
http://www.suse.com/documentation/sles11/pdfdoc/art_auditquick/art_auditquick.pdf
Thomas
thsundel’s Profile: http://forums.novell.com/member.php?userid=128
View this thread: http://forums.novell.com/showthread.php?t=447223
You can increase the logging-information in the file
/etc/ssh/sshd_config from
“LogLevel INFO” (Default) to “LogLevel VERBOSE”. This gives you the
following entries in /var/log/messages:
Oct 26 13:23:29 server1 sshd[19058]: Connection from 99.99.99.99 port 50536
Oct 26 13:23:30 server1 sshd[19058]: Accepted keyboard-interactive/pam for user123 from 99.99.99.99 port 50536 ssh2
Oct 26 13:23:32 server1 sshd[19058]: Received disconnect from 99.99.99.99: 11: disconnected by user
With this information, you can create your own syslog-ng-filter
(match-tag) to redirect login-/disconnect-messages to a certain file.
Regards,
Tom
amo_vzug’s Profile: http://forums.novell.com/member.php?userid=25342
View this thread: http://forums.novell.com/showthread.php?t=447223
amo_vzug;2148974 Wrote:[color=blue]
You can increase the logging-information in the file
/etc/ssh/sshd_config from
“LogLevel INFO” (Default) to “LogLevel VERBOSE”. This gives you the
following entries in /var/log/messages:
[color=green][/color][/color]
Code:
--------------------[color=blue][color=green]
[/color]
Oct 26 13:23:29 server1 sshd[19058]: Connection from 99.99.99.99 port 50536
Oct 26 13:23:30 server1 sshd[19058]: Accepted keyboard-interactive/pam for user123 from 99.99.99.99 port 50536 ssh2
Oct 26 13:23:32 server1 sshd[19058]: Received disconnect from 99.99.99.99: 11: disconnected by user
[/color]
--------------------[color=blue][color=green]
[/color]With this information, you can create your own syslog-ng-filter
(match-tag) to redirect login-/disconnect-messages to a certain file.
Regards,
Tom[/color]
Many thanks!
Last question. It is possible to log the login and logout with VNC in
the same way? When I connect with vncviewer, I don’t see any message in
the log file (except error messages).
Regards
Marco
mvisconti’s Profile: http://forums.novell.com/member.php?userid=97561
View this thread: http://forums.novell.com/showthread.php?t=447223
mvisconti;2149023 Wrote:[color=blue]
Many thanks!
Last question. It is possible to log the login and logout with VNC in
the same way? When I connect with vncviewer, I don’t see any message in
the log file (except error messages).Regards
Marco[/color]
Maybe I found a solution. The VNC connection is logged by xinetd, thus
I must modify /etc/xinetd.conf
Thanks to all for the support.
Marco
mvisconti’s Profile: http://forums.novell.com/member.php?userid=97561
View this thread: http://forums.novell.com/showthread.php?t=447223
Hi,
I know this is a very old thread but I’m experiencing the same issue described here, I mean that the /var/log/messages file doesn’t contain any information about the logoff of the user but just only the login actitivity. Changing the log level to VERBOSE doesn’t resolve the problem. Could you suggest something else to try?
Regards,
Ros
[QUOTE=rosario_mattera;39789]Hi,
I know this is a very old thread but I’m experiencing the same issue described here, I mean that the /var/log/messages file doesn’t contain any information about the logoff of the user but just only the login actitivity. Changing the log level to VERBOSE doesn’t resolve the problem. Could you suggest something else to try?
Regards,
Ros[/QUOTE]
Hi
A very old thread 
Please start a new thread (add a prefix of the OS in use, potential newer tools etc) and the specific things you want to log.