HomeDocumentationAPI Reference
Log In
These docs are for v16. Click to read the latest docs for v33.

PrivX Log Settings

By default, regular and audit events are logged to syslog. Audit events use the namespace​ ​SSH-PRIVX-AUDIT​​, and other (info/debug/error) messages use the namespace​ ​SSH_PRIVX​​.

You can adjust the locations to which PrivX writes logs, and the log level of each microservice. The log locations are configured by settings in ​/opt/privx/etc/shared-config.toml​.

# Should we send PrivX system events to logs under /var/log/privx
# send_regular_events_to_stdout = false
​​send_regular_events_to_stdout = false​​

# Should we send PrivX audit events to syslog
# send_regular_events_to_syslog = true
​send_audit_events_to_syslog = true​​

# Should we send PrivX system events to syslog
# send_regular_events_to_syslog = true
​send_regular_events_to_syslog = true​​

To enable debug output for a microservice:

  1. Edit ​/opt/privx/scripts/<microservice_name>.sh​ (replace ​<microservice_name>​ with the name of the microservice) and set the ​SSH_TRACE​​ parameter:

    dir="/opt/privx/bin"
    cmd="SSH_LOG_LEVEL=DEBUG SSH_TRACE=6 /opt/privx/bin/auth"
    user="privx"
    
  2. By default, the system-logging service rsyslog​ is configured to show INFO-level messages only, which blocks DEBUG messages. To configure rsyslog​ to show DEBUG-level messages, find the following line in the ​rsyslog​ configuration file, ​/etc/rsyslog.conf​​:

    *.info;mail.none;authpriv.none;cron.none    /var/log/messages
    

    And change it to, for example:

    *.debug;mail.none;authpriv.none;cron.none    /var/log/messages
    

    Restart ​rsyslog​​ to apply the changes:

    # systemctl restart rsyslog
    
  3. Restart the ​privx​​ service to apply any changes to configuration files:

    # systemctl restart privx