Hi , I m trying to understand logging in solaris 2.x. I have few questions.
1) When the system switches message file to message.x ? switching depends on file size or time or more parameters. 2) I wish to know of failed login attempts as and when they occur. I touch lastlogin file which logs these entries but only if 5 consecutive failed attempts are made ( this is observed for 2.7 version). The entries do not tell you the ip address of the source from where the attempt was made ( how to get that??) , it just logs the terminal device alotted. I went through mailing list and tried putting a variable in etc/default/login file to log failed login attempts count to 1, but it didn't work. Only after 5 failed attempts the system logs it into lastlogin file. 3) Also about wtmp which logs the login activities of the users. Does this file also switch like message file??? if yes when and using what parameters.?? I wish to know who all logged in during past 30 days and who did not log in. 4) The log entries in message file do not log the year part. Is there a way to include the year as well.??? 5) some good pointers on customizing syslog.conf file and details on solaris logging. TIA rgds Madhur _______________________________________________ Firewalls mailing list [EMAIL PROTECTED] http://lists.gnac.net/mailman/listinfo/firewalls
