[Pdns-users] Pdns-users Digest, Vol 120, Issue 13

Wed Jan 23 01:30:06 UTC 2013

Dear Bogdan Enache,
That's my pleasure to meet the orginal contributor of this facility.
Thanks for your help, i'm successfully save my poweradmin log to a
separated file. I'm very appreciate your help
It's just one more problem had not been solved:

"Can you show me how to log what user do after logged in (such as change
record, add zone ... more detail more great)"

I mean: if user modify record: create/delete/change domain, zone, ip, all
of these activity will be logged.
Thanks you so much my friend !

------------------------------
>
> Message: 2
> Date: Mon, 21 Jan 2013 15:46:26 +0200
> From: Bogdan Enache <enachebogdan at gmx.com>
> To: pdns-users at mailman.powerdns.com
> Subject: Re: [Pdns-users] [Help] - Audit the user login & what had
>         been edited in dns record
> Message-ID: <50FD46B2.7050203 at gmx.com>
> Content-Type: text/plain; charset=UTF-8
>
> Hi ??c,
> I'm the original contributor to this facility.
>
> I think that support questions regarding PowerAdmin should be directed
> to PowerAdmin site.
>
> And regarding your questions: full audit has not been implemented to
> PowerAdmin (tracking modifications, deletions etc).
> The original thread about the syslog implementation is here:
> https://www.poweradmin.org/trac/ticket/431
> The purpose of the changes was to track and ban ip's that try to
> brute-force hack their way into the web interface, using fail2ban.
>
> Sending the logs to another file (and not to /var/log/messages): make
> sure you read a tutorial on how to redirect syslog facilities to another
> files for your distribution.
> For example, what you could try:
>
> config.inc.php:
> |$syslog_facility = LOG_LOCAL5|;
>
> /etc/syslog.conf:
> # Log pdns, pdns recursor
> local5.* /var/log/poweradmin.log
>
> Have a nice day.
>
> Bogdan E.
>
>
> Pe 21.01.2013 11:30, ??c Vinh H? a scris:
> >
> > Dear all,
> >
> > I have an dns server using PowerDNS and PowerAdmin-2.1.5
> >
> > My system works great until one day, someone of my team logged in
> > PowerAdmin GUI website and change some PDNS record (all member of my
> > team had right to log-in & modify any record) So, that's the problem,
> > i want to audit what username logged in & what they do after
> > logged-in. I found that the latest version of poweradmin can help me
> > to logging the success & fail log in.
> >
> > After some configuration & updating poweradmin version form 2.1.5 to
> > 2.1.6, in my /var/log/messages start to log user authenticated of
> > powerdns.
> >
> > For example: /
> > /
> >
> > /Jan 21 11:45:19 localhost poweradmin: Successful authentication
> > attempt from [x.x.x.x] for user 'XXX'
> > /
> >
> > /Jan 21 11:45:44 localhost poweradmin: Failed authentication attempt
> > from [x.x.x.x] for user 'YYY'/
> >
> > /
> > /
> >
> > So now, i want to save these information into a separate file (not in
> > /var/log/messages) And can you show me how to log what user do after
> > logged in (such as change record, add zone ... more detail more great)
> >
> > Thank you so much !
> >
> > Vinh Ho
> >
> >
> >
> > _______________________________________________
> > Pdns-users mailing list
> > Pdns-users at mailman.powerdns.com
> > http://mailman.powerdns.com/mailman/listinfo/pdns-users
>
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.powerdns.com/pipermail/pdns-users/attachments/20130123/c65dff96/attachment.html>