Книга: Fedora™ Unleashed, 2008 edition
Configure System Logging
Разделы на этой странице:
Configure System Logging
Part of system administration involves reviewing log files for what the server is doing, who accessed it, what files were transferred, and other pieces of important information. You can use a number of commands within /etc/ftpacess to control your FTP server's logging actions.
Redirect Logging Records
This line allows the administrator to redirect where logging information from the FTP server is recorded:
log <syslog>{+<xferlog>}
By default, the information for commands is stored in /var/log/messages, although the man pages packaged in some RPMs state that this information is written to /var/log/xferlog. Check your server's settings for information regarding the location of your file transfer logs.
Log All User-Issued Commands
This line enables logging for all commands issued by the user:
log commands [<typelist>] is a comma-separated list of
typelistanonymous, guest, and real. If no typelist is given, commands are logged for all users. Some wu-ftpd RPMs set the logging of all file transfers to /var/log/xferlog (see the next section). However, you can add the log command to ftpaccess with the commands keyword to capture user actions. Logging is then turned on and user actions are captured in /var/log/messages. Here is a sample log file:
Oct 6 12:21:42 shuttle2 ftpd[5229]: USER anonymous
Oct 6 12:21:51 shuttle2 ftpd[5229]: PASS [email protected]
Oct 6 12:21:51 shuttle2 ftpd[5229]: ANONYMOUS FTP LOGIN FROM 192.168.2.31 [192.168.2.31], [email protected]
Oct 6 12:21:51 shuttle2 ftpd[5229]: SYST
Oct 6 12:21:54 shuttle2 ftpd[5229]: CWD pub
Oct 6 12:21:57 shuttle2 ftpd[5229]: PASV
Oct 6 12:21:57 shuttle2 ftpd[5229]: LIST
Oct 6 12:21:59 shuttle2 ftpd[5229]: QUIT
Oct 6 12:21:59 shuttle2 ftpd[5229]: FTP session closed
The sample log shows the username and password entries for an anonymous login. The CWD entry shows that a cd command is used to navigate to the pub directory. Note that the commands shown do not necessarily reflect the syntax the user typed, but instead list corresponding system calls the FTP server received. For example, the LIST entry is actually the ls command.
Log Security Violations and File Transfers
Two other logging commands are useful in the /etc/ftpaccess configuration file. This line enables the logging of security violations:
log security [<typelist>]
Violations are logged for anonymous, guest, and real users, as specified in the typelist — the same as other log commands. If you do not specify a typelist, security violations for all users are logged.
This line writes a log of all files transferred to and from the server:
log transfers [<typelist> [<directions>]] is the same as in log commands and log security lines.
typelistdirections is a comma- separated list of the keywords inbound for uploaded files and outbound for downloaded files. If no directions list is given, both uploaded and downloaded files are logged. Inbound and outbound logging is turned on by default.
Оглавление книги
- Using Commands in the ftpaccess File to Configure wu-ftpd
- Configure Connectivity Options
- System tools used for debugging
- Integrated Secure Communications System
- Configure Access Control
- Когда включаю компьютер, при загрузке пишется Insert system disk and press enter. Что нужно делать?
- На всех дисках моего компьютера есть папка System Volume Information. Для чего она нужна?
- 14.5.1. Open Systems Interconnection
- 5.3. TRENDS IN DISTRIBUTED FILE SYSTEMS
- Абстрактный базовый класс FileSystemInfo
- 1. Basic microprocessor systems
- CHAPTER 12 System-Monitoring Tools