SSH
Home Prev Up Next  

Customizing Logging

Tectia Server allows customizing the severity and facility of different logging events. The events have reasonable default values, which are used if no explicit logging settings are made.

The logging settings are made in the logging element of the ssh-server-config.xml file or with the Tectia Server Configuration tool. See the section called “The params Block” or Logging for more information.

The default logging settings of Tectia Server in the ssh-server-config-default.xml file are shown below:

<logging>
  <log-events facility="auth" severity="informational">
    Auth_method_success Auth_method_failure Auth_methods_completed
    Auth_methods_available Hostbased_auth_warning
    Publickey_auth_warning Publickey_auth_success GSSAPI_auth_warning
    Keyboard_interactive_pam_auth_warning
    Keyboard_interactive_radius_auth_warning
    Keyboard_interactive_securid_auth_warning
    GSSAPI_auth_success
    Keyboard_interactive_pam_auth_success
    Keyboard_interactive_radius_auth_success
    Keyboard_interactive_password_auth_success
    Keyboard_interactive_securid_auth_success
  </log-events>
  <log-events facility="auth" severity="warning">
    Hostbased_auth_error Publickey_auth_error GSSAPI_auth_error
    Keyboard_interactive_pam_auth_error
    Keyboard_interactive_radius_auth_error
    Keyboard_interactive_password_auth_error
    Keyboard_interactive_securid_auth_error
  </log-events>
  <log-events facility="daemon" severity="error">
    Server_start_failed
  </log-events>
  <log-events facility="daemon" severity="notice">
    Server_listener_failed Server_listener_started
    Server_listener_stopped Server_reconfig_finished
    Server_reconfig_started Server_stopping Server_running
    Server_starting
  </log-events>
  <log-events facility="daemon" severity="warning">
    Servant_exited Servant_error
  </log-events>
  <log-events facility="normal" severity="informational">
    Algorithm_negotiation_success Certificate_validation_success
    Certificate_validation_failure Key_store_create
    Key_store_destroy Key_store_add_provider Key_store_decrypt
    Key_store_sign Key_store_sign_digest Logout Disconnect
    Channel_open_failure Session_channel_open
    Session_channel_close Forwarding_channel_open
    Forwarding_channel_open Forwarding_channel_close
    Forwarding_listener_open Forwarding_listener_close
    Auth_listener_open Auth_listener_close Auth_channel_open
    Auth_channel_close
  </log-events>
  <log-events facility="normal" severity="security-failure">
    Connection_denied Login_failure
  </log-events>
  <log-events facility="normal" severity="security-success">
    Connect Login_success
  </log-events>
  <log-events facility="normal" severity="warning">
    Algorithm_negotiation_failure KEX_failure
    Key_store_create_failed Key_store_add_provider_failed
    Key_store_decrypt_failed Key_store_sign_failed
    Key_store_sign_digest_failed
  </log-events>
</logging>

For a description of the log events, see Appendix D.

Home Prev Up Next  

Copyright 2023 SSH Communications Security Corporation
This software is protected by international copyright laws. All rights reserved.
Contact Information