[sudo-users] Sudo logging and rsyslog
Todd C. Miller
Todd.Miller at courtesan.com
Tue Dec 15 16:02:19 MST 2015
On Tue, 15 Dec 2015 16:59:59 -0600, Leroy Tennison wrote:
> I'm currently using sudo logging with log_output and maxseq which
> has created the /var/log/sudo-io/... directory tree. I noted a
> previous response which said sudo uses syslog by default. I now
> need to have this on a central log server and have been looking at
> rsyslog. Is it possible to use this configuration with with rsyslog?
> If so, do I need to do additional configuration for this?
There is not currently support for logging the I/O logs via syslog.
Those logs are stored locally. Using syslog() for this is rather
difficult since you'd need a way to reassemble the log from a large
number of parts on the remote end.
- todd
More information about the sudo-users
mailing list