The name of file to log authentication attempts to. Attempts
where the user is not found, are not logged. The default is no logging.
The file name can include
Section 3.3. Special formatters, which means that using the %C, %c and %R
specifiers, you can maintain separate password log files for each Realm or
Client or a combination.
Each login attempt that generates a
password check will be logged to the file, one attempt per line. For more
information about file format, see
Section 9.5. Accounting log file.
# Help desk want to see all password attempts
PasswordLogFileName %L/password.log
If the file name starts with
a vertical bar character ('|') then the rest of the filename is assumed to
be a program to which the output is to be piped. Otherwise the output will
be appended to the named file:
# Pipe to my-log-prog
PasswordLogFileName |/usr/local/bin/my-log-prog