[sudo-users] Sudo logging and rsyslog
Leroy Tennison
leroy at datavoiceint.com
Tue Dec 15 16:38:24 MST 2015
Thank you for your prompt response on this (and on all the questions I've posted for that matter), I appreciate it. Although not what I was hoping to get as a reply, I suspected that would be the case given the difference in what was being done and just needed to know.
----- Original Message -----
From: "Todd C. Miller" <Todd.Miller at courtesan.com>
To: "Leroy Tennison" <leroy at datavoiceint.com>
Cc: sudo-users at sudo.ws
Sent: Tuesday, December 15, 2015 5:02:19 PM
Subject: Re: [sudo-users] Sudo logging and rsyslog
On Tue, 15 Dec 2015 16:59:59 -0600, Leroy Tennison wrote:
> I'm currently using sudo logging with log_output and maxseq which
> has created the /var/log/sudo-io/... directory tree. I noted a
> previous response which said sudo uses syslog by default. I now
> need to have this on a central log server and have been looking at
> rsyslog. Is it possible to use this configuration with with rsyslog?
> If so, do I need to do additional configuration for this?
There is not currently support for logging the I/O logs via syslog.
Those logs are stored locally. Using syslog() for this is rather
difficult since you'd need a way to reassemble the log from a large
number of parts on the remote end.
- todd
Confidentiality Notice | This email and any included attachments may be privileged, confidential and/or otherwise protected from disclosure. Access to this email by anyone other than the intended recipient is unauthorized. If you believe you have received this email in error, please contact the sender immediately and delete all copies. If you are not the intended recipient, you are notified that disclosing, copying, distributing or taking any action in reliance on the contents of this information is strictly prohibited.
More information about the sudo-users
mailing list