Re: User audit logging

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

On Thursday 08 March 2012 00:56:12 Gregory Machin wrote:
> Hi
> I have setup user auditing with extd_audit and its working fine , i
> have it logging to log file = /var/log/samba/%U.%m.log and that is
> great for identifying the users and machines ...But the syslog entries
> don't have a username or host information and I want to use syslog to
> ship the logs to a central logging server.  Can I configure it to log
> username and hostname (or ip) to syslog with each log line ?
> Thanks
> G

afaik - you can't specify that for syslog.

There is another vfs called vfs_full_audit:
see also:

That one does _only_ log to syslog, but is very flexible and powerful.
For debugging purpose i used in the past:
   full_audit:prefix = %u|%I|%m|%S

Cheers, Günter
To unsubscribe from this list go to the following URL and read the

[Linux]     [Info Cyrus]     [LARTC]     [Bugtraq]     [Netfilter]     [Internet Dating Forums]     [RAID]     [Yosemite News]     [Photography]

Add to Google Powered by Linux