Gentoo Archives: gentoo-amd64

From: Gavin Seddon <gavin.m.seddon@×××××××××××××.uk>
To: gentoo-amd64@l.g.o
Subject: Re: [gentoo-amd64] /var/log
Date: Wed, 21 Dec 2005 12:54:35
Message-Id: 1135169441.9142.10.camel@linuxstation
In Reply to: Re: [gentoo-amd64] /var/log by Craig Webster
Sorry,
I also use 'metalog.


On Wed, 2005-12-21 at 12:45 +0000, Craig Webster wrote:
> On 21 Dec 2005, at 12:32, Gavin Seddon wrote: > > I have been looking in '/var/log' for users logging on. The files and > > directories in there are fastidiously organised (to say the least). > > Better than usual UNIX distros. What is the best place to look for > > logins/hacks. > > Which syslog daemon do you use? How is it configured? > > I use metalog and I get password failure notices in /var/log/pwdfail/* > > You could also run > lastlog |grep -v '**Never logged in**' > to see when people last logged in. > > Yours, > Craig > -- > Craig Webster | t: +44 (0)131 516 8595 | e: craig@××××××.net > Xeriom.NET | f: +44 (0)709 287 1902 | w: http://xeriom.net > > >
-- Dr Gavin Seddon School of Pharmacy and Pharmaceutical Sciences University of Manchester Oxford Road, Manchester M13 9PL, U.K. -- gentoo-amd64@g.o mailing list

Replies

Subject Author
Re: [gentoo-amd64] /var/log Brett Johnson <brett@××××.com>