Gentoo Logo

About | Projects | Docs | Forums | Lists | Bugs | Get Gentoo! | Support | Planet | Wiki

Gentoo Spaceship
Note: Due to technical difficulties, the Archives are currently not up to date. GMANE provides an alternative service for most mailing lists.
c.f. bug 424647
List Archive: gentoo-amd64
Navigation:
Lists: gentoo-amd64: < Prev By Thread Next > < Prev By Date Next >
Headers:
To: gentoo-amd64@g.o
From: Craig Webster <craig@...>
Subject: Re: /var/log
Date: Wed, 21 Dec 2005 12:45:22 +0000 
On 21 Dec 2005, at 12:32, Gavin Seddon wrote:
> I have been looking in '/var/log' for users logging on.  The files and
> directories in there are fastidiously organised (to say the least).
> Better than usual UNIX distros.  What is the best place to look for
> logins/hacks.

Which syslog daemon do you use? How is it configured?

I use metalog and I get password failure notices in /var/log/pwdfail/*

You could also run
lastlog  |grep -v '**Never logged in**'
to see when people last logged in.

Yours,
Craig
--
Craig Webster | t: +44 (0)131 516 8595 | e: craig@...
Xeriom.NET    | f: +44 (0)709 287 1902 | w: http://xeriom.net



-- 
gentoo-amd64@g.o mailing list
Replies:
Re: /var/log
-- Gavin Seddon
References:
/var/log
-- Gavin Seddon
Navigation:
Lists: gentoo-amd64: < Prev By Thread Next > < Prev By Date Next >
Previous by thread:
/var/log
Next by thread:
Re: /var/log
Previous by date:
Re: firewall
Next by date:
Re: firewall


Updated Jun 17, 2009

Summary: Archive of the gentoo-amd64 mailing list.

Donate to support our development efforts.

Copyright 2001-2013 Gentoo Foundation, Inc. Questions, Comments? Contact us.