From owner-freebsd-questions@FreeBSD.ORG Mon Oct 27 03:36:21 2003 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id D7EEF16A4BF for ; Mon, 27 Oct 2003 03:36:21 -0800 (PST) Received: from smtp.infracaninophile.co.uk (happy-idiot-talk.infracaninophile.co.uk [81.2.69.218]) by mx1.FreeBSD.org (Postfix) with ESMTP id CC64F43FBD for ; Mon, 27 Oct 2003 03:36:19 -0800 (PST) (envelope-from m.seaman@infracaninophile.co.uk) Received: from happy-idiot-talk.infracaninophile.co.uk (localhost [127.0.0.1]) h9RBZjDK013916 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Mon, 27 Oct 2003 11:36:15 GMT (envelope-from matthew@happy-idiot-talk.infracaninophile.co.uk) Received: (from matthew@localhost)id h9RBZjm3013915; Mon, 27 Oct 2003 11:35:45 GMT (envelope-from matthew) Date: Mon, 27 Oct 2003 11:35:45 +0000 From: Matthew Seaman To: chael@southgate.ph.inter.net Message-ID: <20031027113545.GB11587@happy-idiot-talk.infracaninophile.co.uk> Mail-Followup-To: Matthew Seaman , chael@southgate.ph.inter.net, freebsd-questions@freebsd.org References: <000c01c39c3e$72c47950$fe01a8c0@JMICH> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="qcHopEYAB45HaUaB" Content-Disposition: inline In-Reply-To: <000c01c39c3e$72c47950$fe01a8c0@JMICH> User-Agent: Mutt/1.5.4i X-Spam-Status: No, hits=-4.9 required=5.0 tests=AWL,BAYES_00 autolearn=ham version=2.60 X-Spam-Checker-Version: SpamAssassin 2.60 (1.212-2003-09-23-exp) on happy-idiot-talk.infracaninophile.co.uk cc: freebsd-questions@freebsd.org Subject: Re: Log every access to a file X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 27 Oct 2003 11:36:22 -0000 --qcHopEYAB45HaUaB Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Mon, Oct 27, 2003 at 11:57:31AM +0800, chael@southgate.ph.inter.net wrot= e: > How do you create/add a system log to monitor every access to a specific = file (say a database file accessed through samba)? A sample line for syslog= =2Econf would be greatly appreciated ?? :-) Syslog.conf doesn't work that way: application processes themselves decide what log messages to generate and pass them to syslogd(8). syslogd(8) then takes care of writing those log messages into the log files, together with timestamps and other administrivia as required. /etc/syslog.conf is all about directing that flow of messages into the appropriate files categorized by priority and by what application made them. Samba has extensive logging capabilities itself -- which generally bypass syslog entirely, although there are options available to use syslog. It will certainly log who is accessing the server and from what machines. I don't think it has the capability to monitor accesses down to the level of a particular file though, but read the manuals carefully to be sure. If you really need to log all accesses to the file, then probably your best bet is to only make the file available via a web interface, which can be set to require passwords before it will allow access and will supply the logs you require. Alternatively, databases such as postgres or mysql can keep detailed logs of all queries run against them. =20 Cheers, Matthew --=20 Dr Matthew J Seaman MA, D.Phil. 26 The Paddocks Savill Way PGP: http://www.infracaninophile.co.uk/pgpkey Marlow Tel: +44 1628 476614 Bucks., SL7 1TH UK --qcHopEYAB45HaUaB Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.3 (FreeBSD) iD8DBQE/nQMQdtESqEQa7a0RAmyzAJ4mP/GN5XmPrBYK0vc9zvF3Ga9rkACeN0me gPGiiJD2ZtJIDSTVrMaPMts= =anyx -----END PGP SIGNATURE----- --qcHopEYAB45HaUaB--