/var/log/secure

1 Overview

/var/log/secure
  • Log file that records SSH login attempts (both successes and failures)
  • Also records account operations such as useradd, userdel, and su

2 Example

[root@zetawiki ~]# cat /var/log/secure
... (omitted)
Aug 13 15:39:16 localhost sshd[2668]: Accepted password for root from 192.168.0.246 port 1089 ssh2
Aug 13 15:39:16 localhost sshd[2668]: pam_unix(sshd:session): session opened for user root by (uid=0)
Aug 13 15:52:19 localhost useradd[2841]: new group: name=testuser, GID=501
Aug 13 15:52:19 localhost useradd[2841]: new user: name=testuser, UID=501, GID=501, home=/home/testuser, shell=/bin/bash
Aug 13 15:52:23 localhost su: pam_unix(su-l:session): session opened for user testuser by root(uid=0)
Aug 13 15:52:27 localhost su: pam_unix(su-l:session): session closed for user testuser
Aug 13 15:54:20 localhost userdel[2893]: delete user 'testuser'
Aug 13 15:54:20 localhost userdel[2893]: removed group 'testuser' owned by 'testuser'
... (omitted)
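
The event types listed in the overview can be pulled out of such a file with a small parser. The following is an added example, not part of the original page: the rule names and labels are hypothetical, and the two "Failed password" lines in the sample are constructed, since the excerpt above shows only a successful login.

```python
import re
from collections import Counter

# Constructed sample: modelled on the page's excerpt, plus two constructed
# "Failed password" lines so the failure path is exercised.
SAMPLE = """\
Aug 13 15:38:50 localhost sshd[2660]: Failed password for root from 192.168.0.250 port 1077 ssh2
Aug 13 15:38:54 localhost sshd[2660]: Failed password for invalid user admin from 192.168.0.250 port 1077 ssh2
Aug 13 15:39:16 localhost sshd[2668]: Accepted password for root from 192.168.0.246 port 1089 ssh2
Aug 13 15:39:16 localhost sshd[2668]: pam_unix(sshd:session): session opened for user root by (uid=0)
Aug 13 15:52:19 localhost useradd[2841]: new user: name=testuser, UID=501, GID=501, home=/home/testuser, shell=/bin/bash
Aug 13 15:52:23 localhost su: pam_unix(su-l:session): session opened for user testuser by root(uid=0)
Aug 13 15:54:20 localhost userdel[2893]: delete user 'testuser'
"""

# Syslog prefix: timestamp, host, program, optional [pid], then the message.
LINE = re.compile(r"^(\w{3}\s+\d+ [\d:]{8}) (\S+) ([\w-]+)(?:\[\d+\])?: (.*)$")
# The user field is matched greedily so the final "from <addr>" is the source.
RULES = [  # (program, hypothetical event label, message pattern)
    ("sshd", "ssh_ok", re.compile(r"Accepted \S+ for (?P<user>.+) from (?P<src>\S+) port \d+")),
    ("sshd", "ssh_fail", re.compile(r"Failed \S+ for (?:invalid user )?(?P<user>.+) from (?P<src>\S+) port \d+")),
    ("useradd", "user_added", re.compile(r"new user: name=(?P<user>[^,]+),")),
    ("userdel", "user_deleted", re.compile(r"delete user '(?P<user>[^']+)'")),
    ("su", "su_open", re.compile(r"session opened for user (?P<user>\S+) by (?P<by>[^(]*)\(uid=\d+\)")),
]

def parse(text):
    """Return one dict per recognised event; unrecognised lines are skipped."""
    events = []
    for raw in text.splitlines():
        m = LINE.match(raw)
        if not m:
            continue  # elision markers, blank lines, truncated entries
        when, _host, prog, msg = m.groups()
        for want, label, pat in RULES:
            hit = pat.search(msg) if prog == want else None
            if hit:
                events.append({"time": when, "event": label, **hit.groupdict()})
                break
    return events

def failed_by_source(events):
    """Count failed SSH logins per source address."""
    return Counter(e["src"] for e in events if e["event"] == "ssh_fail")

if __name__ == "__main__":
    for e in parse(SAMPLE):
        print(e)
    print(dict(failed_by_source(parse(SAMPLE))))
```
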

3 Log rotation

[root@zetawiki ~]# ll /var/log/secure*
-rw------- 1 root root   1780 Aug 14 07:47 /var/log/secure
-rw------- 1 root root   5675 Aug 10 17:41 /var/log/secure.1
-rw------- 1 root root   7221 Aug  4 00:53 /var/log/secure.2
-rw------- 1 root root  11558 Jul 28 00:25 /var/log/secure.3
-rw------- 1 root root 418444 Jul 21 03:30 /var/log/secure.4
