Configuring Logging in sshd2
sshd2
logs to the facility specified with the configuration
option SysLogFacility
. If the option is not set, sshd2
logs to the AUTH
facility.
For example, if you want sshd2
to log to the LOCAL1
facility, you need to add the following to your server's configuration
(/etc/ssh2/sshd2_config
):
The possible facilities are listed in Section Log Facilities below.
You also need to modify syslog
's configuration, so it knows
where to put the log messages.
In /etc/syslog.conf
(or equivalent):
local1.info /var/log/sshd2
|
On some systems, this file may need to exist before syslog
will
write to it, so you may need to create it:
# touch /var/log/sshd2
If syslog
accesses files with a non-root UID, for example
logger
, you need to change the ownership of the file to that user.
Remember to restart both sshd2
and syslogd
after
making changes to their configuration files.
Log Facilities for the SysLogFacility
Option
The following log facilities are available:
-
DAEMON
-
USER
-
AUTH
-
LOCAL0
-
LOCAL1
-
LOCAL2
-
LOCAL3
-
LOCAL4
-
LOCAL5
-
LOCAL6
-
LOCAL7