diff options
Diffstat (limited to 'src/etc/rsyslog.d')
-rw-r--r-- | src/etc/rsyslog.d/sudo.conf | 9 |
1 files changed, 9 insertions, 0 deletions
diff --git a/src/etc/rsyslog.d/sudo.conf b/src/etc/rsyslog.d/sudo.conf new file mode 100644 index 000000000..589651f87 --- /dev/null +++ b/src/etc/rsyslog.d/sudo.conf @@ -0,0 +1,9 @@ +# Isolating sudo messages from syslog +# +# https://debian-administration.org/article/676/Isolating_sudo_messages_from_syslog + +# match if "program name" is equal to "sudo" +:programname, isequal, "sudo" -/var/log/auth.log + +# if we matched this causes the input to be swallowed, preventing further logging. +& ~ |