# This is a sample syslog.conf fragment for use with Sudo. # # By default, sudo logs to "authpriv" if your system supports it, else it # uses "auth". The facility can be set via the --with-logfac configure # option or in the sudoers file. # To see what syslog facility a sudo binary uses, run `sudo -V' as *root*. # # NOTES: # The whitespace in the following line is made up of # characters, *not* spaces. You cannot just cut and paste! # # If you edit syslog.conf you need to send syslogd a HUP signal. # Ie: kill -HUP process_id # # Syslogd will not create new log files for you, you must first # create the file before syslogd will log to it. Eg. # 'touch /var/log/sudo' # This logs successful and failed sudo attempts to the file /var/log/auth # If your system has the authpriv syslog facility, use authpriv.debug auth.debug /var/log/auth # To log to a remote machine, use something like the following, # where "loghost" is the name of the remote machine. # If your system has the authpriv syslog facility, use authpriv.debug auth.debug @loghost