Get your logs back in ArchLinux with syslog-ng

CTX · 24 April 2022 08:22

If in ArchLinux we want to have that log back where it always is, in order to know authentication attempts on our computer and others, to have a certainty of security beyond the firewall, syslog-ng can be an excellent alternative.

First we must install it in ArchLinux:

sudo pacman -S syslog-ng

Once installed, we proceed to start it:

sudo systemctl start syslog-ng

Then, so that it starts automatically we enable it with enable:

sudo systemctl enable syslog-ng

If it fails to start the service try:

systemctl start syslog-ng@default

systemctl enable syslog-ng@default

Grimy1928 · 24 April 2022 08:36

This is good and all but this isn't an issue and belongs under community which is where I've moved it too.

CTX · 24 April 2022 08:36

ok thank you

jonathon · 24 April 2022 11:22

What's wrong with the journal?

CTX · 25 April 2022 13:35

I was used to find the auth.log file under /var/log.

system · 9 May 2022 13:35

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.