I believe the issue to be with syslog now. I really don't want to build the boxes from scratch again, so i'm hoping it's a simple fix and that someone else has any clue where I can dig to get these ready to go without doing a rebuild Thanks!Įd, thanks for responding again to my thread! A /var/log/secure doesn't exist on ESXiĭSTAVERT, you are correct, ESXi does use UTC, which isn't a problem for me, I have all three hosts syncing with a local NTP server and all hosts have the correct date, when I issue the I"m not sure if there where the settings are for the dropbear ssh logs for logins or if something is a miss. However on my two other servers, whose configs are identical, when I go to duplicate this on their side, the dropbear doesn't appear to be in the /var/log/messages or in one case it was extremely delayed, by hours. #tail -f /var/log/messages | grep dropbearĪnd then I open a new putty session to log in, it will log accordingly and in realtime the attempt of username, or nonexistant username if it doesn't exist, and what IP address it is coming from. ![]() I've been trying to create custom rules that are monitoring the remote syslog from each host, I am trying to create a warning that tells me when someone is trying to login to each host via ssh. I have three identical HP Bl490c blades with identical configurations. ![]() ![]() Just about done with my ESXi host buildout for my migration.
0 Comments
Leave a Reply. |