日志测试:vsftp
系统版本:Redhat Linux 5.8
软件版本:vsftpd-2.0.5-24.el5.x86_64
配置1:vi /etc/vsftpd.conf
增加:syslog_enable=YES,xferlog_std_format=YES,xferlog_file=/var/log/xferlog
配置2:vi /etc/syslog.conf 增加:authpriv.*
;ftp.* /var/log/secure
1)登陆日志:
Aug 10 09:21:40 localhost vsftpd:Sun Aug 10 11:02:29 2014 [pid
13095] [ftp] OK LOGIN: Client "127.0.0.1", anon password
"ftp"
Aug 10 09:21:40 localhost vsftpd: Sun Aug 10 16:21:40 2014 [pid
27302] [test11] OK LOGIN: Client "127.0.0.1"
Aug 10 09:22:26 localhost vsftpd: Sun Aug 10 16:22:26 2014 [pid
27346] [test11] FAIL LOGIN: Client "127.0.0.1"
2)下载文件:
Aug 10 09:33:08 localhost vsftpd: Sun Aug 10 16:33:08 2014 [pid
27749] [test11] OK DOWNLOAD: Client "127.0.0.1",
"/var/ftp/pub/123.txt", 6 bytes, 0.67Kbyte/sec
Aug 10 09:34:01 localhost vsftpd: Sun Aug 10 16:34:01 2014 [pid
27749] [test11] FAIL DOWNLOAD: Client "127.0.0.1", "/123.txt",
0.00Kbyte/sec
Sun Aug 10 16:33:08 2014 1 127.0.0.1 6 /var/ftp/pub/123.txt b _ o r
test11 ftp 0 * c
Sun Aug 10 16:34:01 2014 1 127.0.0.1 0 /123.txt b _ o r test11 ftp
0 * i
3)上传文件:
Aug 10 09:37:43 localhost vsftpd: Sun Aug 10 16:37:43 2014 [pid
27749] [test11] FAIL UPLOAD: Client "127.0.0.1",
"/etc/vsftpd/123.txt", 0.00Kbyte/sec
Aug 10 09:40:45 localhost vsftpd: Sun Aug 10 16:40:45 2014 [pid
28051] [test11] OK UPLOAD: Client "127.0.0.1",
"/etc/vsftpd/123.txt", 0.00Kbyte/sec
Sun Aug 10 16:37:43 2014 1 127.0.0.1 0 /etc/vsftpd/123.txt b _ i r
test11 ftp 0 * i
Sun Aug 10 16:40:45 2014 1 127.0.0.1 0 /etc/vsftpd/123.txt b _ i r
test11 ftp 0 * c
4)日志格式说明:
Sun Aug 10 16:37:43 2014 1 127.0.0.1 0 /etc/vsftpd/123.txt b _ i
r test11 ftp 0 * i
发生时间 记录发生的时间 Sun Aug 10 16:37:43
2014 文件传输时间 传输该文件使用的时间 1
客户端 客户端主机的IP或主机名 127.0.0.1
文件大小 单位:字节 0
文件名 上传或下载的文件民称 /etc/vsftpd/123.txt
文件传输类型 a表示ASCII(文本),b(二进制)