Get your logs back in ArchLinux with syslog-ng

CTX · April 24, 2022, 8:22am

If in ArchLinux we want to have that log back where it always is, in order to know authentication attempts on our computer and others, to have a certainty of security beyond the firewall, syslog-ng can be an excellent alternative.

First we must install it in ArchLinux:

sudo pacman -S syslog-ng

Once installed, we proceed to start it:

sudo systemctl start syslog-ng

Then, so that it starts automatically we enable it with enable:

sudo systemctl enable syslog-ng

If it fails to start the service try:

systemctl start syslog-ng@default

systemctl enable syslog-ng@default

Grimy1928 · April 24, 2022, 8:36am

This is good and all but this isn't an issue and belongs under community which is where I've moved it too.

CTX · April 24, 2022, 8:36am

ok thank you

jonathon · April 24, 2022, 11:22am

What's wrong with the journal?

CTX · April 25, 2022, 1:35pm

I was used to find the auth.log file under /var/log.

system · May 9, 2022, 1:35pm

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.