Dear Bogdan Enache,<br>That's my pleasure to meet the orginal contributor of this facility.<br>Thanks for your help, i'm successfully save my poweradmin log to a separated file. I'm very appreciate your help<br>
It's just one more problem had not been solved: <br><br>"Can you show me how to log what user do after logged in (such as change record, add zone ... more detail more great)"<br><br>I mean: if user modify record: create/delete/change domain, zone, ip, all of these activity will be logged.<br>
Thanks you so much my friend !<br><br><br><div class="gmail_quote"><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
------------------------------<br>
<br>
Message: 2<br>
Date: Mon, 21 Jan 2013 15:46:26 +0200<br>
From: Bogdan Enache <<a href="mailto:enachebogdan@gmx.com">enachebogdan@gmx.com</a>><br>
To: <a href="mailto:pdns-users@mailman.powerdns.com">pdns-users@mailman.powerdns.com</a><br>
Subject: Re: [Pdns-users] [Help] - Audit the user login & what had<br>
been edited in dns record<br>
Message-ID: <<a href="mailto:50FD46B2.7050203@gmx.com">50FD46B2.7050203@gmx.com</a>><br>
Content-Type: text/plain; charset=UTF-8<br>
<br>
Hi ??c,<br>
I'm the original contributor to this facility.<br>
<br>
I think that support questions regarding PowerAdmin should be directed<br>
to PowerAdmin site.<br>
<br>
And regarding your questions: full audit has not been implemented to<br>
PowerAdmin (tracking modifications, deletions etc).<br>
The original thread about the syslog implementation is here:<br>
<a href="https://www.poweradmin.org/trac/ticket/431" target="_blank">https://www.poweradmin.org/trac/ticket/431</a><br>
The purpose of the changes was to track and ban ip's that try to<br>
brute-force hack their way into the web interface, using fail2ban.<br>
<br>
Sending the logs to another file (and not to /var/log/messages): make<br>
sure you read a tutorial on how to redirect syslog facilities to another<br>
files for your distribution.<br>
For example, what you could try:<br>
<br>
config.inc.php:<br>
|$syslog_facility = LOG_LOCAL5|;<br>
<br>
/etc/syslog.conf:<br>
# Log pdns, pdns recursor<br>
local5.* /var/log/poweradmin.log<br>
<br>
Have a nice day.<br>
<br>
Bogdan E.<br>
<br>
<br>
Pe 21.01.2013 11:30, ??c Vinh H? a scris:<br>
><br>
> Dear all,<br>
><br>
> I have an dns server using PowerDNS and PowerAdmin-2.1.5<br>
><br>
> My system works great until one day, someone of my team logged in<br>
> PowerAdmin GUI website and change some PDNS record (all member of my<br>
> team had right to log-in & modify any record) So, that's the problem,<br>
> i want to audit what username logged in & what they do after<br>
> logged-in. I found that the latest version of poweradmin can help me<br>
> to logging the success & fail log in.<br>
><br>
> After some configuration & updating poweradmin version form 2.1.5 to<br>
> 2.1.6, in my /var/log/messages start to log user authenticated of<br>
> powerdns.<br>
><br>
> For example: /<br>
> /<br>
><br>
> /Jan 21 11:45:19 localhost poweradmin: Successful authentication<br>
> attempt from [x.x.x.x] for user 'XXX'<br>
> /<br>
><br>
> /Jan 21 11:45:44 localhost poweradmin: Failed authentication attempt<br>
> from [x.x.x.x] for user 'YYY'/<br>
><br>
> /<br>
> /<br>
><br>
> So now, i want to save these information into a separate file (not in<br>
> /var/log/messages) And can you show me how to log what user do after<br>
> logged in (such as change record, add zone ... more detail more great)<br>
><br>
> Thank you so much !<br>
><br>
> Vinh Ho<br>
><br>
><br>
><br>
> _______________________________________________<br>
> Pdns-users mailing list<br>
> <a href="mailto:Pdns-users@mailman.powerdns.com">Pdns-users@mailman.powerdns.com</a><br>
> <a href="http://mailman.powerdns.com/mailman/listinfo/pdns-users" target="_blank">http://mailman.powerdns.com/mailman/listinfo/pdns-users</a><br>
<br>
<br>
<br></blockquote></div><br>