3.25.8. PasswordLogFileName Previous topic Parent topic Child topic Next topic

The name of file to log authentication attempts to. Attempts where the user is not found, are not logged. The default is no logging. The file name can include Section 3.1. Special characters, which means that using the %C, %c and %R specifiers, you can maintain separate password log files for each Realm or Client or a combination.
Each login attempt that generates a password check will be logged to the file, one attempt per line. For more information about file format, see Section 9.5. Accounting log file.
# Help desk want to see all password attempts
PasswordLogFileName %L/password.log
If the file name starts with a vertical bar character ('|') then the rest of the filename is assumed to be a program to which the output is to be piped. Otherwise the output will be appended to the named file:
# Pipe to my-log-prog
PasswordLogFileName |/usr/local/bin/my-log-prog