Log sftp operations, logins, transfers

9/13/2013 - 9:44 PM

Log sftp operations, logins, transfers

Change in /etc/ssh/sshd_config
Subsystem       sftp    /usr/libexec/openssh/sftp-server
To
Subsystem       sftp    /usr/libexec/openssh/sftp-server -f local5 -l INFO

(All loglevels: QUIET, FATAL, ERROR, INFO, VERBOSE, DEBUG, DEBUG1, DEBUG2, DEBUG3)

Reload sshd server
# service sshd reload

Add to /etc/rsyslog.conf
local5.none to default /var/log/messages

local5.info       /var/log/sftp-server

Restart rsyslog
# service rsyslog restart

Cacher is the code snippet organizer for pro developers

We empower you and your team to get more done, faster

Log sftp operations, logins, transfers