| # This is a sample syslog.conf fragment for use with Sudo. |
| # |
| # By default, sudo logs to "authpriv" if your system supports it, else it |
| # uses "auth". The facility can be set via the --with-logfac configure |
| # option or in the sudoers file. |
| # To see what syslog facility a sudo binary uses, run `sudo -V' as *root*. |
| # |
| # NOTES: |
| # The whitespace in the following line is made up of <TAB> |
| # characters, *not* spaces. You cannot just cut and paste! |
| # |
| # If you edit syslog.conf you need to send syslogd a HUP signal. |
| # Ie: kill -HUP process_id |
| # |
| # Syslogd will not create new log files for you, you must first |
| # create the file before syslogd will log to it. Eg. |
| # 'touch /var/log/sudo' |
| |
| # This logs successful and failed sudo attempts to the file /var/log/auth |
| # If your system has the authpriv syslog facility, use authpriv.debug |
| auth.debug /var/log/auth |
| |
| # To log to a remote machine, use something like the following, |
| # where "loghost" is the name of the remote machine. |
| # If your system has the authpriv syslog facility, use authpriv.debug |
| auth.debug @loghost |