View Single Post
Old 16th May 2009, 20:38
martin1977 martin1977 is offline
Junior Member
Join Date: May 2009
Posts: 20
Thanks: 0
Thanked 3 Times in 3 Posts
Default found the solution


As apparently nobody knows how that is done ( or nobody wnted to answer such a "silly" quesion ), I'd like to enlight you ;-)

In the syslog facility (on my machine it is rsyslog) there are options to define what is logged and where.
However, in /etc/rsyslog.conf I did the following change:
auth,authpriv.*               /var/log/auth.log

changed to 

auth,authpriv.err               /var/log/auth.log
auth,authpriv.warn               /var/log/auth.log
In that way only authentication log enties of warning or higher level are logged. Information about something or someone logging in not.
This solution might be a bit to "global" for some people, as it would not log any successful authentication.
So if anyone in this forum knows a better solution, please enlight me.
In the meanwhile this is at leat a working work around.

Reply With Quote