Hello,
I have install the last copssh Copssh_5.0.4_x64_Installer on windows 2008 R2 SP2.
I have a question, can we configure a log file ?
When i lunch COPSSH Control Panel, i can select event log or stderr, but if i select stderr i don't know where the log is write.
Thank for your help
Best regards
We can confirm that there are some problems with SFTP logging. It seems that a syslog backend is needed for proper handling of logging. We are working on it.
Hi,
Have you progress to the SFTP Logging ?
Is it possible to log on a specific file if i upgrade on copssh 5.1.1 ?
Best regards
Emmanuel
We have created a syslog bundle and a related FAQ to activate syslog for a Copssh installation. Hope it helps.
Hi,
Thanks for the information. I have install this bundle, and I have set to eventlog via Copssh Control Paneln abd the SFTP Log level is set to verbose.
I have restart the openssh service.
The file messages is create in var\log directorie, but I haven't the information of the transfert good, remove files.
I have set the SFTP Log level is set toINFO, and I haven't the information of the transfert good, remove files.
I have check the configuration file syslog.conf and it's set to :
# Log anything (except mail) of level info or higher.
# Don't log private authentication messages!
#*.info;mail.none;authpriv.none /var/log/messages
# The authpriv file has restricted access.
#authpriv.* /var/log/secure
# Log all the mail messages in one place.
#mail.* /var/log/maillog
#For a start, use this simplifed approach.
*.* /var/log/messages
Can you help me ?
I want just log all the SFTP connection, transfert.
Thanks
Best regards
When I select SFTP logtype as eventlog and loglevel as INFO, I get following log information for each file:
Jun 2 08:29:03 TW1201 internal-sftp: PID 3284: open "/cygdrive/c/users/tev/Documents/cwgit_x86/doc/RelNotes/1.5.3.4.txt" flags WRITE,CREATE,TRUNCATE,EXCL mode 0666
Jun 2 08:29:03 TW1201 internal-sftp: PID 3284: debug1: request 795651: sent handle handle 0
Jun 2 08:29:03 TW1201 internal-sftp: PID 3284: debug1: request 796166: write "/cygdrive/c/users/tev/Documents/cwgit_x86/doc/RelNotes/1.5.3.4.txt" (handle 0) off 0 len 1208
Jun 2 08:29:03 TW1201 internal-sftp: PID 3284: sent status Success
Jun 2 08:29:03 TW1201 internal-sftp: PID 3284: close "/cygdrive/c/users/tev/Documents/cwgit_x86/doc/RelNotes/1.5.3.4.txt" bytes read 0 written 1208
Hi,
I want exactly that youhave, me i have only :
Jun 3 12:12:01 COMPUTERNAME sshd: PID 5064: Address 192.169.162.80 maps to mypc, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT!
Jun 3 12:12:01 COMPUTERNAME sshd: PID 5064: Accepted password for user from 192.169.162.56 port 61410 ssh2
The file copsshcp.config is :
[Server]
Port=22
Compression=delayed
LogLevel=INFO
TCPKeepAlive=yes
LoginGraceTime=120
Protocol=2
MaxAuthTries=6
MaxSessions=10
[Sftp]
Enabled=yes
SftpMode=internal-sftp
ReadOnly=no
LogLevel=VERBOSE
LogDestination=eventlog
[Options]
EventsTimeWindow=2 days
[Commands]
Linux shell and Sftp=-
Sftp=internal-sftp
SftpNoShell=internal-sftp
Linux shell=/bin/bash --login -i
Windows shell=/cygdrive/c/windows/system32/cmd.exe
No shell access=/bin/false
[Default]
[User computer\user]
Command=SftpNoShell
PasswordAuthentication=yes
PubkeyAuthentication=yes
AllowTcpForwarding=no
HomeDirectory=e:\home\user
I want approch this type of log :
(000003) 03/06/2015 12:24:02 - (not logged in) (192.169.162.56)> USER epaillot
(000003) 03/06/2015 12:24:02 - (not logged in) (192.169.162.56)> 331 Password required for epaillot
(000003) 03/06/2015 12:24:02 - (not logged in) (192.169.162.56)> PASS *********
(000003) 03/06/2015 12:24:02 - epaillot (192.169.162.56)> 230 Logged on
(000003) 03/06/2015 12:24:02 - epaillot (192.169.162.56)> STOR test_file_20150603.txt
(000003) 03/06/2015 12:24:02 - epaillot (192.169.162.56)> 550 Permission denied
.....
(000004) 03/06/2015 12:25:05 - epaillot (192.169.162.56)> STOR test_file_20150603.txt
(000004) 03/06/2015 12:25:06 - epaillot (192.169.162.56)> 226 Successfully transferred "/install/test_file_20150603.txt"
thanks for your help
Best regards