File Access Logs

mckendry1011 · March 8, 2019

I have a CentOS server which I use as an offsite backup server and it is accessed remotely either through WinSCP or Putty.

Is there any way to view the IP address, PC name and what has been accessed/downloaded through either WinSCP or Putty?

Thanks

Mira Yurizaki · March 8, 2019

https://serverfault.com/questions/273889/how-do-i-find-out-the-recent-ssh-logins-for-centos-and-their-ip-address/273891

This is for SSH activity, which SCP rides on. I'm assuming the PuTTY connection is also over SSH.

Mikensan · March 11, 2019

You would want to enable verbose logging for SSH I believe. You should be able to feed this log into something like ELK to parse it and easier to read. Or you could feed it into Splunk but I think that's more time/effort than ELK.

https://en.wikibooks.org/wiki/OpenSSH/Logging_and_Troubleshooting#Logging_Chrooted_SFTP

Sign In

File Access Logs

Link to comment

Share on other sites

Link to post

Share on other sites

Link to comment

Share on other sites

Link to post

Share on other sites

Link to comment

Share on other sites

Link to post

Share on other sites

Create an account or sign in to comment

Create an account

Sign in

Featured Topics

Topics

Latest From Linus Tech Tips:

The Wiiiiiiiiiiiiiiide Gaming Setup

Latest From Tech Quickie:

Yes, It’s Real: PCI Express x32

Latest From TechLinked:

M4 Already!?

Latest From GameLinked:

More Xbox Studios Will Close ...

Latest From ShortCircuit:

I need to test a theory… - AYANEO Flip DS

Latest From Mac Address:

Why did you buy an Apple Vision Pro?

Latest From Channel Super Fun:

I Swapped the CEO's Assistant For a Day!

My Activity Streams