In order to make your logs as comprehensive as possible, I recommend a few changes to your /etc/syslog.conf file. Add the following lines:
*.warn;*.err	/var/log/syslog
kern.*	/var/log/kernel
ftp.info	/var/log/ftplog
daemon.info	/var/log/daemonlog
Be sure to use tabs between the elements, not spaces. Now locate the following line:
*.info;mail.none;news.none;authpriv.none	/var/log/messages
and change it to:
*.info;mail,ftp,daemon,authpriv.none	/var/log/messages
These changes will separate various system messages into more logs, so any problems will be easier to track down. More on this below.
Next, you will have to create the new logs and change their permissions so that prying friendly eyes will not be able to peruse them:
touch /var/log/ftplog /var/log/daemonlog
touch /var/log/syslog /var/log/kernel
chmod 600 /var/log/ftplog /var/log/daemonlog
chmod 600 /var/log/syslog /var/log/kernel
Finally, to make these changes take immediate effect, enter:
killall -HUP syslogd
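
To confirm the steps above took hold, the following added example (not part of the original page) audits a syslog.conf-style file: it flags entries separated by spaces instead of tabs, and file targets that are missing or not mode 600. The function name check_syslog_conf and its optional ROOT prefix argument are assumptions made for this example.

```shell
#!/bin/sh
# check_syslog_conf CONF [ROOT]   (hypothetical helper, not from the page)
#   CONF: syslog.conf-style file to audit
#   ROOT: optional prefix for log paths, so a scratch copy can be checked
# Prints one finding per line and returns 1 if there were any.
check_syslog_conf() {
    conf=$1 root=${2:-} bad=0
    tab=$(printf '\t')
    while IFS= read -r line || [ -n "$line" ]; do
        case $line in ''|'#'*) continue ;; esac      # blank or comment
        selector=${line%%[ $tab]*}                   # text before first blank
        rest=${line#"$selector"}
        action=${rest#"${rest%%[! $tab]*}"}          # strip the separator
        sep=${rest%"$action"}
        case $sep in
            *' '*) echo "SPACES $selector"; bad=1 ;; # page says tabs only
        esac
        action=${action#-}                           # "-/path" = unsynced file
        case $action in /*) ;; *) continue ;; esac   # only file targets
        if [ ! -f "$root$action" ]; then
            echo "MISSING $action"; bad=1
        else
            perms=$(ls -ld "$root$action" | cut -c1-10)
            if [ "$perms" != "-rw-------" ]; then    # i.e. not chmod 600
                echo "MODE $action $perms"; bad=1
            fi
        fi
    done < "$conf"
    return $bad
}

# Constructed demo: one tab-separated entry with a mode-600 log, and one
# space-separated entry whose log was never created. A scratch directory
# stands in for the live /var/log.
demo=$(mktemp -d)
mkdir -p "$demo/var/log"
printf 'kern.*\t/var/log/kernel\nftp.info /var/log/ftplog\n' > "$demo/syslog.conf"
touch "$demo/var/log/kernel"
chmod 600 "$demo/var/log/kernel"
check_syslog_conf "$demo/syslog.conf" "$demo" || echo "fix the findings above"
rm -rf "$demo"
```

On a live system, run it as check_syslog_conf /etc/syslog.conf with no second argument.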