I have Ubuntu 10.04.2LTS 32-bit Desktop Edition and it's the same on 3 different systems.
iptables and sudo aren't logging and I need them to be.
1) None of them have the auth.log in /etc which is used for logging sudo commands/login authorizations
2) None of them have the syslog.conf file in /etc (but one does exist under /usr/share/logwatch/default.conf/logfiles/syslog.conf)
3) I've looked in the "Log Viewer" in Gnome and in /etc
I need to enable and monitor these loggings somehow.
asked 14 Apr '11, 13:53
I figured it out. I installed sysklogd, had to setup logging in iptables and a few minor tweaks to get it going, so I solved it myself.
answered 17 Apr '11, 22:52
iptables will only log, if you tell it to, and then depending on which log level you chose will depend on where it's directed. Once you know that you can setup in syslog.conf where the file is placed. Sudo tends to log whereever ssh does.
answered 14 Apr '11, 15:56