| View previous topic :: View next topic |
| Author |
Message |
luca
Guru
Joined: 11 Feb 2004
Posts: 374
|
 Posted: Thu Dec 16, 2004 12:50 pm Post subject: ssh logfiles |
 |
|
Hi All
I've this strange networking problems. Some logins fail and some do not. This is one of the reasons I like to see some log files in which this stuff is stored, but I can't find such a file (/var/log/ )
Any suggestions where such a file may be, or how to get one ??
Thanks in advance
Luca |
|
| Back to top |
|
 |
soth
Apprentice
Joined: 12 Sep 2003
Posts: 207
|
| Posted: Thu Dec 16, 2004 12:56 pm Post subject: |
|
|
Which logger are you using?
Without knowing that,
/val/log/messages would be my bet...
_________________
- Never argue with an idiot. They just drag you down to your level and beat you with experience.
Join the adopt an unanswered post initiative today |
|
| Back to top |
|
|
luca
Guru
Joined: 11 Feb 2004
Posts: 374
|
| Posted: Thu Dec 16, 2004 1:00 pm Post subject: |
|
|
I use syslog-ng
I did a | Code: | | tail -f /var/log/messages |
and did a login, but nothing was reported there!
Luca |
|
| Back to top |
|
|
soth
Apprentice
Joined: 12 Sep 2003
Posts: 207
|
| Posted: Thu Dec 16, 2004 1:07 pm Post subject: |
|
|
What does your /etc/syslog-ng/syslog-ng.conf look like?
_________________
- Never argue with an idiot. They just drag you down to your level and beat you with experience.
Join the adopt an unanswered post initiative today |
|
| Back to top |
|
|
luca
Guru
Joined: 11 Feb 2004
Posts: 374
|
| Posted: Thu Dec 16, 2004 1:15 pm Post subject: |
|
|
Here is a listing of my syslog-ng.conf :
# $Header: /var/cvsroot/gentoo-x86/app-admin/syslog-ng/files/syslog-ng.conf.gentoo,v 1.4 2004/07/18 02:25:02 dragonheart Exp $
#
# Syslog-ng default configuration file for Gentoo Linux
# contributed by Michael Sterrett
options {
long_hostnames(off);
sync(0);
# The default action of syslog-ng 1.6.0 is to log a STATS line
# to the file every 10 minutes. That's pretty ugly after a while.
# Change it to every 12 hours so you get a nice daily update of
# how many messages syslog-ng missed (0).
stats(43200);
};
source src { unix-stream("/dev/log"); internal(); pipe("/proc/kmsg"); };
destination messages { file("/var/log/messages"); };
# By default messages are logged to tty12...
destination console_all { file("/dev/tty12"); };
# ...if you intend to use /dev/console for programs like xconsole
# you can comment out the destination line above that references /dev/tty12
# and uncomment the line below.
#destination console_all { file("/dev/console"); };
log { source(src); destination(messages); };
log { source(src); destination(console_all); };
|
|
| Back to top |
|
|
soth
Apprentice
Joined: 12 Sep 2003
Posts: 207
|
| Posted: Thu Dec 16, 2004 1:22 pm Post subject: |
|
|
That conffile says you should get it in messages. It looks to be a standard syslog-ng default.
This is what a tail /var/log/messages looks like on a box wiht a similar conffile looks like:
Dec 16 14:16:17 hostname sshd[10277]: Accepted publickey for username from xxx.xxx.xxx.xx port 47523
ssh2
Dec 16 14:16:17 hostname sshd(pam_unix)[10282]: session opened for user usernameby (uid=0)
If this is not the case, have you checked rc-status? Maybe the logger isn't started?
_________________
- Never argue with an idiot. They just drag you down to your level and beat you with experience.
Join the adopt an unanswered post initiative today |
|
| Back to top |
|
|
luca
Guru
Joined: 11 Feb 2004
Posts: 374
|
| Posted: Thu Dec 16, 2004 2:36 pm Post subject: |
|
|
Somehow, after a reboot it worked for one of the two, can login again and the messages show up in the message file (rc-status looks ok). The other machine, for which I have the same problems seems completely dead now, even ping doesn't get a responds back....... (gues I've to go there  )
To be continued......
Thanks so far
Luca |
|
| Back to top |
|
|
|
Networking & Security
