Attachmate Worldwide  |   Contact Us  |   NetIQ.com
Home » Support » Solution Library » Technical Notes

Technical Notes

Enabling SFTP Logging in Reflection for Secure IT UNIX Server 6.1
Technical Note 1937
Last Reviewed 09-Jun-2005
Applies To
Reflection for Secure IT UNIX Server version 6.1
Summary

This technical note describes how to enable SFTP logging in Reflection for Secure IT UNIX Server 6.1.

Note the following:

  • Details provided in this technical note are specific to a host running the Solaris operating system. File locations and command syntax may be different on other host operating systems.
  • Beginning with version 6.0, the F-Secure ssh product line has a new name Reflection for Secure IT.

Enabling SFTP Logging

Follow these steps to enable SFTP logging in Reflection or F-Secure SSH for UNIX.

Note: Depending on the number of users and number of files uploaded or downloaded, the log file may fill up quickly.

  1. Open the sshd2_config file in a text editor. By default, this file is located in the /etc/ssh2 directory.
  2. Uncomment (remove the # symbol from the beginning of the line) the following line:
SftpSyslogFacility LOCAL7
  1. Save the file.
  2. Open the syslog.conf file in a text editor. By default, this file is located in the /etc directory.
  3. Add the following two lines:
# WRQ Reflection for Secure IT SFTP
local7.<level> /var/adm/sftplog

Replace <level> with one of the following two values:

    Value
    		Functions Logged
    notice
    		This value logs when the SFTP server starts and stops, directory listings, file deletions, file uploads and downloads, and when files are renamed.
    info
    		This value logs the same functions as above, plus server responses.
  1. Issue the following commands to create the file where the log information will be stored:
# cd /var/adm
# touch sftplog
# chown root sftplog
# chgrp sys sftplog
# chmod 600 sftplog
  1. Issue the following commands to stop the daemons:
#kill -9 `cat /var/run/syslog.pid`
#/etc/init.d/sshd2 stop
  1. Issue the following commands to start the daemons:
# /etc/init.d/sshd2 start
# /usr/sbin/syslogd

Logging starts once the daemons are restarted.

Disabling SFTP Logging

Follow these steps to disable SFTP logging.

  1. Open the sshd2_config file in a text editor. By default, this file is located in the /etc/ssh2 directory.
  2. Comment out (insert a # at the beginning of the line) the following line:
       #     SftpSyslogFacility LOCAL7

  1. Save the file.
  2. Open the syslog.conf file in a text editor. By default, this file is located in the /etc directory.
  3. Remove the following two lines:
# WRQ Reflection for Secure IT SFTP
local7.<level> /var/adm/sftplog
  1. Save the file.
  2. At the command prompt, enter the following commands to stop the log and ssh daemons:
#kill -9 `cat /var/run/syslog.pid`
#/etc/init.d/sshd2 stop
  1. Once the ssh daemons have been stopped, enter the following commands to restart the daemons:
# /etc/init.d/sshd2 start
# /usr/sbin/syslogd
  1. If you want to delete the log, delete the file /var/adm/sftplog.
Related Technical Notes
2291 Using Debug Mode to Troubleshoot Reflection for Secure IT Windows Server

horizontal line

Did this technical note answer your question?

Yes    No    Somewhat     Not sure yet

Additional comments about this tech note:

Need further help? For technical support, please contact Support.