Hi
I have setup CO:Z SFTP and it works with no problems. I'm also able to capture smf records but only on the client side.
Question:
Are there any parameters or is it possible to capture SMF records on the server side.
Thanks in advance
Danny Naicker
SMF records written by the server
-
danny_naicker
- Posts: 11
- Joined: Mon Jan 19, 2009 3:50 am
Right - if you don't have an sftp-server.rc file in the user directory, then you will end up using the IBM supplied FTP server.
You can change this behavior if you create an executable installation-level profile script: "/etc/ssh/sftp-server.rc" and in it have:
# Use the Co:Z version of sftp-server even if the user
# doesn't have a ~/ssh/sftp-server.rc profile
USE_COZ_SFTP=true
You can change this behavior if you create an executable installation-level profile script: "/etc/ssh/sftp-server.rc" and in it have:
# Use the Co:Z version of sftp-server even if the user
# doesn't have a ~/ssh/sftp-server.rc profile
USE_COZ_SFTP=true
-
danny_naicker
- Posts: 11
- Joined: Mon Jan 19, 2009 3:50 am
Danny,
You can use the SFTP_LOGFILE environment variable to set the name of a (HFS/zFS) file where the sftp-server log messages are written. The default is to create a file in /tmp. (See the sftp-server.sh shell script for details)
It is *possible* to set this in your /etc/sftp-server.rc to:
SFTP_LOGFILE=/dev/console
But I wouldn't really recommend this, since this log file is where all kinds of messages are written. In fact, the client could turn on tracing and it would spew a ton of stuff. The server also has a feature where the messages from this logfile can be downloaded to the client, but this feature would fail since /dev/console is not a readable file.
If your goal is to manage FTP transfers, you might want to look at using the SMF records. Products like "SDS FTP Manager" use SMF 119 records to audit/manage/report on file transfers.
An alternative would be for us to add a feature so that "important" messages could be logged to syslog. If you have features such as this that you would like added, please post specifics in another thread or send us an email and we can discuss offline.
Another alternative would be to write a simple daemon shell script that scraped the /tmp log files periodically for important events (and maybe also cleaned up the log files). Co:Z ships with a cool "wto" shell command that you could use that has options for controlling routcdes etc.
Hope that helps,
Kirk Wolf
You can use the SFTP_LOGFILE environment variable to set the name of a (HFS/zFS) file where the sftp-server log messages are written. The default is to create a file in /tmp. (See the sftp-server.sh shell script for details)
It is *possible* to set this in your /etc/sftp-server.rc to:
SFTP_LOGFILE=/dev/console
But I wouldn't really recommend this, since this log file is where all kinds of messages are written. In fact, the client could turn on tracing and it would spew a ton of stuff. The server also has a feature where the messages from this logfile can be downloaded to the client, but this feature would fail since /dev/console is not a readable file.
If your goal is to manage FTP transfers, you might want to look at using the SMF records. Products like "SDS FTP Manager" use SMF 119 records to audit/manage/report on file transfers.
An alternative would be for us to add a feature so that "important" messages could be logged to syslog. If you have features such as this that you would like added, please post specifics in another thread or send us an email and we can discuss offline.
Another alternative would be to write a simple daemon shell script that scraped the /tmp log files periodically for important events (and maybe also cleaned up the log files). Co:Z ships with a cool "wto" shell command that you could use that has options for controlling routcdes etc.
Hope that helps,
Kirk Wolf
-
danny_naicker
- Posts: 11
- Joined: Mon Jan 19, 2009 3:50 am
We've added a new feature that can be used to completely disable SMF recording.
See http://dovetail.com/forum/viewtopic.php?t=748
See http://dovetail.com/forum/viewtopic.php?t=748