X-Spam-Check-By: sourceware.org
DKIM-Signature: a=rsa-sha1; c=relaxed/relaxed;         d=gmail.com; s=beta;         h=domainkey-signature:received:received:message-id:date:from:to:subject:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references;         b=dU1PzXQdn1NbNvOx63izaiqdhzsV6CvBFyNUejors4emi9AbZge46sS41NEGC3i+VPbHj+AVQo+1LsfVIrPBGEbpAuwHPxdXvjfPI+N1KXrqBQNnzHlvrzQEs8S67f7QohI/1ZjZbHCu32WQmRHEEge+RY2dZ5AWx1OfU/xBy9A=
Message-ID: <31b7d2790702261108u136426c6y5559f6f59acf3bee@mail.gmail.com>
Date: Mon, 26 Feb 2007 13:08:12 -0600
From: "DePriest, Jason R." <jrdepriest AT gmail DOT com>
To: cygwin AT cygwin DOT com
Subject: Re: sshd timestamp logging
In-Reply-To: <5abc24640702261057x122cc04fldd539c7b631a2aef@mail.gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
References: <5abc24640702261011v129b1f9fkb47e78bfb151bc29 AT mail DOT gmail DOT com> 	 <31b7d2790702261016sba3f0b5j526d5ad4fbae750b AT mail DOT gmail DOT com> 	 <5abc24640702261054m29861e2dk16fcda2a5d1464bc AT mail DOT gmail DOT com> 	 <5abc24640702261057x122cc04fldd539c7b631a2aef AT mail DOT gmail DOT com>
X-IsSubscribed: yes
Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm
Precedence: bulk
List-Id: <cygwin.cygwin.com>
List-Unsubscribe: <mailto:cygwin-unsubscribe-archive-cygwin=delorie DOT com AT cygwin DOT com>
List-Subscribe: <mailto:cygwin-subscribe AT cygwin DOT com>
List-Archive: <http://sourceware.org/ml/cygwin/>
List-Post: <mailto:cygwin AT cygwin DOT com>
List-Help: <mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs>
Sender: cygwin-owner AT cygwin DOT com
Mail-Followup-To: cygwin AT cygwin DOT com
Delivered-To: mailing list cygwin AT cygwin DOT com

On 2/26/07, Andrew Louie  wrote:
> > On 2/26/07, DePriest, Jason R.  wrote:
> > I installed syslog-ng as a service with cygrunsrv and I have sshd log to that.
> > It keeps time stamps.
> > Liek this:
> > Feb 26 12:13:31 srvc sshd: PID 1552: Connection from 172.21.128.39 port 5248
> > Feb 26 12:13:38 srvc sshd: PID 1552: Failed none for USER from
> > 172.21.128.39 port 5248 ssh2
> > Feb 26 12:13:45 srvc sshd: PID 1552: Failed password for USER from
> > 172.21.128.39 port 5248 ssh2
> > Feb 26 12:13:48 srvc sshd: PID 1552: Accepted password for USER from
> > 172.21.128.39 port 5248 ssh2
>
>
> Oops, sorry for the double post and previous top post, i accidently
> forgot to reformat my response so here it is again in proper format:
>
> I successfully installed syslog-ng, but the installtion neglected to
> install a syslog-ng.conf file. any idea how i can get/generate that
> file?
> also can you point me in the right direction of some kind of tutorial
> on how to use this syslog-ng? the man pages are alittle esoteric.
> or can you post the commands you used to get your logging setup like you have?
>
> --
> -Andrew Louie
>
> --

Read the book!
First lines of /usr/share/doc/Cygwin/syslog-ng.README

If you want to use syslog-ng, just run the /usr/bin/syslog-ng-config
script.  This script will create a default configuration file
/etc/syslog-ng.conf and it will install syslog-ng as a service on NT
systems on request.

--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Problem reports:       http://cygwin.com/problems.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/