Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Docker container sshd logs

Tags:

docker

logging

ssh

How to enable ssh connections log (/var/log/auth.log) in a Docker container with openssh-server?

The /var/log/auth.log not exists in my container.

  • Docker version: 9.0
  • Host: Ubuntu 13.10
  • Container: Ubuntu 13.10
like image 695
Renan Vaz Avatar asked Mar 20 '14 07:03

Renan Vaz

People also ask

How do I view sshd logs?

On most modern systems, journalctl provides a convenient, standardized way to view ssh logs. On other systems, you can find the sshd log at /var/log/auth. log. For quick inspections, you can also use the lastlog command.

Can I access the logs of the docker container?

The docker logs command shows information logged by a running container. The docker service logs command shows information logged by all containers participating in a service. The information that is logged and the format of the log depends almost entirely on the container's endpoint command.

Where are docker logs stored?

By default, Docker stores log files in a dedicated directory on the host using the json-file log driver. The log file directory is /var/lib/docker/containers/<container_id> on the host where the container is running.

How do I monitor docker logs?

Specifying a Logging DriverEdit (or create) /etc/docker/daemon. json . Set the log-driver key to the name of a logging driver. Docker will use this driver for all containers created without a --log-driver flag.

2 Answers

The auth log is managed by the Syslog service. This service itself is traditionally managed (started) by the init system (Upstart in your case). By default a container doesn't run an init system, meaning that you'd have to start rsyslog manually :

# rsyslogd

After that, you'll find your usual log files in /var/log.

NB: init systems are not fully compatible with Docker containers. A common practice is to use Supervisord to start multiple services/processes automatically.

like image 53
mbarthelemy Avatar answered Oct 22 '22 13:10

mbarthelemy

Install the rsyslog package in the docker container:

$ apt-get install rsyslog

then start the daemon:

$ service rsyslog start

It seems a message such as below can be ignored, sshd logs to /var/log/auth.log anyway.

 * Starting enhanced syslogd rsyslogd                                                                                                                                                                                                           
rsyslogd: imklog: cannot open kernel log (/proc/kmsg): Operation not permitted.
rsyslogd: activation of module imklog failed [v8.32.0 try http://www.rsyslog.com/e/2145 ]
like image 33
Noureddine SaBer Avatar answered Oct 22 '22 11:10

Noureddine SaBer
Sign in to Comment

Related questions

Logging the result of filter while using java streams filter by predicate
Configure Serilog File sink to use one log file per application run
Cons for defining logger non-static
Server Logging - in Database or Logfile?
Disable nginx logs
How to limit stdout.log file size when running Apache Tomcat as Windows service?
How to exclude a package from a log4j appender
Logging optional key values
What should I log in production app
Python, logging: use custom handler with dictionary configuration?
What log level to use for method enter/exit?
Separating Logging Code from C# Objects
how to create MyLogger?
Where does Prestashop Logger::addLog() save the log file?
Logging API for AS3
Hiding sensitive/confidential information in log files
Any reason not to always log stack traces?
How to store Logs in a txt file using the android.util.log
Using StreamWriter to implement a rolling log, and deleting from top
Enable debug logging for Log4J2 + Apache HttpClient

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!