[sudo-users] disable logging successful commands to systemd journal

ilf ilf at zeromail.org
Wed Nov 30 05:02:14 MST 2016

By default, sudo logs every invocation to system logs.

I would like to disable logging successful commands to systemd journal. 
But I would like to *keep* logs about unsuccessful attempts, like 
"pam_unix(sudo:auth): authentication failure" and "3 incorrect password 

Unfortunately, I cannot figure out from man-pages and 
/usr/share/doc/sudo/ how to do that.

Searching the archives of this list only show an 11 year old thread to 
disable logging of *all* messages generated by a user:

> Defaults>monuser          !syslog=local7


This "Defaults:user !syslog" is also returned by a websearch:

But I cannot even find a mention of that "syslog" option in the 
documentation, let alone an explanatino of what exactly it does.

Also, it disabling logging for an entire user is not what I would like 
to achieve.

So: Does anyone know how to disable logging successful commands (for one 
specific user) to systemd journal?

Thanks, and keep up the good work!


Über 80 Millionen Deutsche benutzen keine Konsole. Klick dich nicht weg!
		-- Eine Initiative des Bundesamtes für Tastaturbenutzung
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: not available
URL: <https://www.sudo.ws/pipermail/sudo-users/attachments/20161130/53caf851/attachment.bin>

More information about the sudo-users mailing list