Stop logging sshd to zimbra.log

Discuss your pilot or production implementation with other Zimbra admins or our engineers.
User avatar
jogerj
Posts: 3
Joined: Wed Jul 22, 2020 9:10 am

Stop logging sshd to zimbra.log

Postby jogerj » Wed Jul 22, 2020 9:25 am

Running version "Release 8.8.15.GA.3869.UBUNTU18.64 UBUNTU18_64 FOSS edition, Patch 8.8.15_P11."
Recently I'm having a similar problem as https://forums.zimbra.org/viewtopic.php?t=59432

"zmcontrol status" reports everything to be running normally but the web admin would report otherwise. I checked /var/log/zimbra.log only to find loads of entries by sshd. They're the same as what you'd find in /var/log/auth.log

Basically given your server is under DDOS/Botnet attack on ssh port, your zimbra.log is filled with so much junk by sshd that the web admin could not confirm its services to be running. Is there a way to stop sshd to log messages in zimbra.log since it's redundant anyways? I've manually defined SyslogFacility in /etc/ssh/sshd_config but it still shows up in zimbra.log


User avatar
jogerj
Posts: 3
Joined: Wed Jul 22, 2020 9:10 am

Re: Stop logging sshd to zimbra.log

Postby jogerj » Fri Jul 31, 2020 10:20 am

Bumping this post

Return to “Administrators”

Who is online

Users browsing this forum: No registered users and 15 guests