diff options
author | Christian Poessinger <christian@poessinger.com> | 2020-03-01 10:09:45 +0100 |
---|---|---|
committer | Christian Poessinger <christian@poessinger.com> | 2020-03-01 10:10:26 +0100 |
commit | 9e5933f4a49b4a85e19c964569415af24cdf0e8f (patch) | |
tree | fcdf07640ae0c6c418ebc9b038570c912d21a6c1 | |
parent | f1505962107f881eaf3eb41ebd99ecb4abcbc1d4 (diff) | |
download | vyos-1x-9e5933f4a49b4a85e19c964569415af24cdf0e8f.tar.gz vyos-1x-9e5933f4a49b4a85e19c964569415af24cdf0e8f.zip |
syslog: T2086: move sudo session open/close log entries to auth.log
-rw-r--r-- | debian/vyos-1x.install | 1 | ||||
-rw-r--r-- | src/etc/rsyslog.d/sudo.conf | 9 |
2 files changed, 10 insertions, 0 deletions
diff --git a/debian/vyos-1x.install b/debian/vyos-1x.install index eb19dafeb..d8388eecc 100644 --- a/debian/vyos-1x.install +++ b/debian/vyos-1x.install @@ -1,5 +1,6 @@ etc/dhcp etc/init.d +etc/rsyslog.d etc/systemd etc/vyos lib/ diff --git a/src/etc/rsyslog.d/sudo.conf b/src/etc/rsyslog.d/sudo.conf new file mode 100644 index 000000000..589651f87 --- /dev/null +++ b/src/etc/rsyslog.d/sudo.conf @@ -0,0 +1,9 @@ +# Isolating sudo messages from syslog +# +# https://debian-administration.org/article/676/Isolating_sudo_messages_from_syslog + +# match if "program name" is equal to "sudo" +:programname, isequal, "sudo" -/var/log/auth.log + +# if we matched this causes the input to be swallowed, preventing further logging. +& ~ |